From c08858baa91a00e38c0f5482dbb0817dbd0361f1 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Fri, 17 Jan 2003 00:37:20 +0000 Subject: [PATCH] - Fix indentation in some places. - Optimise select loop. - Remove unused function setup_outgoing_socket(). - Clear EVP_CIPHER_CTX structures before using them. --- src/graph.c | 17 ++++++++------- src/net.c | 25 ++++++++++++++++------- src/net_socket.c | 50 ++------------------------------------------- src/protocol_auth.c | 27 +++++++++--------------- 4 files changed, 38 insertions(+), 81 deletions(-) diff --git a/src/graph.c b/src/graph.c index b7c285fa..f0a93aee 100644 --- a/src/graph.c +++ b/src/graph.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: graph.c,v 1.1.2.21 2002/09/10 22:12:33 guus Exp $ + $Id: graph.c,v 1.1.2.22 2003/01/17 00:37:17 guus Exp $ */ /* We need to generate two trees from the graph: @@ -201,26 +201,25 @@ void sssp_bfs(void) /* Situation: - / + / / ------(n)-----(e->to) \ - \ + \ n->address is set to the e->address of the edge left of n to n. We are currently examining the edge e right of n from n: - If e->reverse->address != n->address, then e->to is probably - not reachable for the nodes left of n. We do as if the indirectdata - flag is set on edge e. + not reachable for the nodes left of n. We do as if the indirectdata + flag is set on edge e. - If edge e provides for better reachability of e->to, update - e->to and (re)add it to the todo_tree to (re)examine the reachability - of nodes behind it. + e->to and (re)add it to the todo_tree to (re)examine the reachability + of nodes behind it. */ indirect = n->status.indirect || e->options & OPTION_INDIRECT - || ((n != myself) - && sockaddrcmp(&n->address, &e->reverse->address)); + || ((n != myself) && sockaddrcmp(&n->address, &e->reverse->address)); if(e->to->status.visited && (!e->to->status.indirect || indirect)) 
diff --git a/src/net.c b/src/net.c index f81c4ba8..ee18037b 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.182 2002/09/15 14:55:53 guus Exp $ + $Id: net.c,v 1.35.4.183 2003/01/17 00:37:18 guus Exp $ */ #include "config.h" @@ -129,11 +129,11 @@ void purge(void) put all file descriptors in an fd_set array While we're at it, purge stuff that needs to be removed. */ -void build_fdset(fd_set * fs) +int build_fdset(fd_set * fs) { avl_node_t *node, *next; connection_t *c; - int i; + int i, max = 0; cp(); @@ -147,16 +147,27 @@ void build_fdset(fd_set * fs) connection_del(c); if(!connection_tree->head) purge(); - } else + } else { FD_SET(c->socket, fs); + if(c->socket > max) + max = c->socket; + } } for(i = 0; i < listen_sockets; i++) { FD_SET(listen_socket[i].tcp, fs); + if(listen_socket[i].tcp > max) + max = listen_socket[i].tcp; FD_SET(listen_socket[i].udp, fs); + if(listen_socket[i].udp > max) + max = listen_socket[i].udp; } FD_SET(device_fd, fs); + if(device_fd > max) + max = device_fd; + + return max; } /* @@ -317,7 +328,7 @@ void main_loop(void) { fd_set fset; struct timeval tv; - int r; + int r, maxfd; time_t last_ping_check; event_t *event; @@ -332,9 +343,9 @@ void main_loop(void) tv.tv_sec = 1 + (rand() & 7); /* Approx. 5 seconds, randomized to prevent global synchronisation effects */ tv.tv_usec = 0; - build_fdset(&fset); + maxfd = build_fdset(&fset); - r = select(FD_SETSIZE, &fset, NULL, NULL, &tv); + r = select(maxfd + 1, &fset, NULL, NULL, &tv); if(r < 0) { if(errno != EINTR && errno != EAGAIN) { diff --git a/src/net_socket.c b/src/net_socket.c index 05485f8d..b17dd8db 100644 --- a/src/net_socket.c +++ b/src/net_socket.c 
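Review bot: The comment above build_fdset in src/net.c still only describes filling the fd_set and purging, and it should now say what the function returns, since the return type changed from void to int and main_loop uses the value for select's first argument. A line such as `Returns the highest file descriptor put in the set, so the caller can pass that value plus one to select().` would cover it. The body of build_fdset continues into the following hunk.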
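Review bot: None of the descriptors handed to FD_SET in build_fdset (`c->socket`, `listen_socket[i].tcp`, `listen_socket[i].udp`, `device_fd`) is compared against FD_SETSIZE, and FD_SET with a descriptor at or above that limit, or a negative one, writes outside the fd_set. Passing FD_SETSIZE to select did not protect against this before the change either, but the loop now inspects every descriptor to track `max`, so a guard such as `if(c->socket < 0 || c->socket >= FD_SETSIZE)` ahead of the FD_SET would fit here, with the connection logged and dropped instead of added. Because the daemon accepts connections from peers, the number of open sockets is not fully under local control and the limit is reachable in principle. build_fdset starts in the previous hunk, and how an out-of-range connection should be torn down is not visible in this one.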
@@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_socket.c,v 1.1.2.22 2002/09/15 14:55:53 guus Exp $ + $Id: net_socket.c,v 1.1.2.23 2003/01/17 00:37:20 guus Exp $ */ #include "config.h" @@ -139,7 +139,7 @@ int setup_listen_socket(sockaddr_t *sa) return -1; } #else - syslog(LOG_WARNING, _("BindToDevice not supported on this platform")); + syslog(LOG_WARNING, _("BindToInterface not supported on this platform")); #endif } @@ -242,52 +242,6 @@ void retry_outgoing(outgoing_t *outgoing) outgoing->timeout); } -int setup_outgoing_socket(connection_t *c) -{ - int option; - - cp(); - - if(debug_lvl >= DEBUG_CONNECTIONS) - syslog(LOG_INFO, _("Trying to connect to %s (%s)"), c->name, - c->hostname); - - c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP); - - if(c->socket == -1) { - syslog(LOG_ERR, _("Creating socket for %s failed: %s"), c->hostname, - strerror(errno)); - return -1; - } - - /* Optimize TCP settings */ - -#if defined(SOL_TCP) && defined(TCP_NODELAY) - option = 1; - setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option)); -#endif - -#if defined(SOL_IP) && defined(IP_TOS) - option = IPTOS_LOWDELAY; - setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option)); -#endif - - /* Connect */ - - if(connect(c->socket, &c->address.sa, SALEN(c->address.sa)) == -1) { - close(c->socket); - syslog(LOG_ERR, _("Error while connecting to %s (%s): %s"), c->name, - c->hostname, strerror(errno)); - return -1; - } - - if(debug_lvl >= DEBUG_CONNECTIONS) - syslog(LOG_INFO, _("Connected to %s (%s)"), c->name, c->hostname); - - return 0; -} - - void finish_connecting(connection_t *c) { cp(); diff --git a/src/protocol_auth.c b/src/protocol_auth.c index da2fa130..134e0f06 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c 
@@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_auth.c,v 1.1.4.18 2003/01/12 17:02:23 guus Exp $ + $Id: protocol_auth.c,v 1.1.4.19 2003/01/17 00:37:20 guus Exp $ */ #include "config.h" @@ -152,7 +152,7 @@ int send_metakey(connection_t *c) c->outkey = xmalloc(len); if(!c->outctx) - c->outctx = xmalloc(sizeof(*c->outctx)); + c->outctx = xmalloc_and_zero(sizeof(*c->outctx)); cp(); /* Copy random data to the buffer */ @@ -224,9 +224,7 @@ int metakey_h(connection_t *c) cp(); - if(sscanf - (c->buffer, "%*d %d %d %d %d " MAX_STRING, &cipher, &digest, &maclength, - &compression, buffer) != 5) { + if(sscanf(c->buffer, "%*d %d %d %d %d " MAX_STRING, &cipher, &digest, &maclength, &compression, buffer) != 5) { syslog(LOG_ERR, _("Got bad %s from %s (%s)"), "METAKEY", c->name, c->hostname); return -1; @@ -237,8 +235,7 @@ int metakey_h(connection_t *c) /* Check if the length of the meta key is all right */ if(strlen(buffer) != len * 2) { - syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, - c->hostname, "wrong keylength"); + syslog(LOG_ERR, _("Possible intruder %s (%s): %s"), c->name, c->hostname, "wrong keylength"); return -1; } @@ -248,7 +245,7 @@ int metakey_h(connection_t *c) c->inkey = xmalloc(len); if(!c->inctx) - c->inctx = xmalloc(sizeof(*c->inctx)); + c->inctx = xmalloc_and_zero(sizeof(*c->inctx)); /* Convert the challenge from hexadecimal back to binary */ @@ -265,8 +262,7 @@ int metakey_h(connection_t *c) if(debug_lvl >= DEBUG_SCARY_THINGS) { bin2hex(c->inkey, buffer, len); buffer[len * 2] = '\0'; - syslog(LOG_DEBUG, _("Received random meta key (unencrypted): %s"), - buffer); + syslog(LOG_DEBUG, _("Received random meta key (unencrypted): %s"), buffer); } /* All incoming requests will now be encrypted. */ 
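Review bot: In send_metakey the zeroing only happens on first allocation: `if(!c->outctx)` skips `xmalloc_and_zero` when a context already exists, so a connection that passes through here again reuses whatever state the previous cipher setup left in `*c->outctx`. The same applies to `c->inctx` in the metakey_h hunk at -248. If the intent is to clear the structure before every use, as the commit message says, an `else` branch is needed as well; the library's own `EVP_CIPHER_CTX_cleanup()` followed by `EVP_CIPHER_CTX_init()` would be preferable to a bare `memset(c->outctx, 0, sizeof(*c->outctx));`, which would leak any cipher-specific data the old context owns. The calls that consume the contexts lie outside both hunks, so it should be confirmed whether a second METAKEY exchange on the same connection can actually occur.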
@@ -275,10 +271,9 @@ int metakey_h(connection_t *c) if(cipher) { c->incipher = EVP_get_cipherbynid(cipher); - + if(!c->incipher) { - syslog(LOG_ERR, _("%s (%s) uses unknown cipher!"), c->name, - c->hostname); + syslog(LOG_ERR, _("%s (%s) uses unknown cipher!"), c->name, c->hostname); return -1; } @@ -298,14 +293,12 @@ int metakey_h(connection_t *c) c->indigest = EVP_get_digestbynid(digest); if(!c->indigest) { - syslog(LOG_ERR, _("Node %s (%s) uses unknown digest!"), c->name, - c->hostname); + syslog(LOG_ERR, _("Node %s (%s) uses unknown digest!"), c->name, c->hostname); return -1; } if(c->inmaclength > c->indigest->md_size || c->inmaclength < 0) { - syslog(LOG_ERR, _("%s (%s) uses bogus MAC length!"), c->name, - c->hostname); + syslog(LOG_ERR, _("%s (%s) uses bogus MAC length!"), c->name, c->hostname); return -1; } } else {