Replace Opaque and Strict options with a TunnelServer option.

src/connection.h

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: connection.h,v 1.1.2.37 2003/11/10 22:31:53 guus Exp $
+    $Id: connection.h,v 1.1.2.38 2003/11/17 15:30:16 guus Exp $
 */
 
 #ifndef __TINC_CONNECTION_H__
@@ -41,9 +41,7 @@ typedef struct connection_status_t {
 	int encryptout:1;			/* 1 if we can encrypt outgoing traffic */
 	int decryptin:1;			/* 1 if we have to decrypt incoming traffic */
 	int mst:1;				/* 1 if this connection is part of a minimum spanning tree */
-	int opaque:1;				/* 1 if we do not forward information about other nodes */
-	int strict:1;				/* 1 if we strictly check edges and subnets received from this connection */
-	int unused:18;
+	int unused:23;
 } connection_status_t;
 
 #include "edge.h"

src/meta.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: meta.c,v 1.1.2.49 2003/11/10 22:31:53 guus Exp $
+    $Id: meta.c,v 1.1.2.50 2003/11/17 15:30:17 guus Exp $
 */
 
 #include "system.h"
@@ -88,7 +88,7 @@ void broadcast_meta(connection_t *from, const char *buffer, int length)
 	for(node = connection_tree->head; node; node = node->next) {
 		c = node->data;
 
-		if(c != from && c->status.active && !c->status.opaque)
+		if(c != from && c->status.active)
 			send_meta(c, buffer, length);
 	}
 }

src/net.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: net.c,v 1.35.4.200 2003/08/28 21:05:10 guus Exp $
+    $Id: net.c,v 1.35.4.201 2003/11/17 15:30:17 guus Exp $
 */
 
 #include "system.h"
@@ -72,14 +72,16 @@ static void purge(void)
 			for(snode = n->subnet_tree->head; snode; snode = snext) {
 				snext = snode->next;
 				s = snode->data;
-				send_del_subnet(broadcast, s);
+				if(!tunnelserver)
+					send_del_subnet(broadcast, s);
 				subnet_del(n, s);
 			}
 
 			for(enode = n->edge_tree->head; enode; enode = enext) {
 				enext = enode->next;
 				e = enode->data;
-				send_del_edge(broadcast, e);
+				if(!tunnelserver)
+					send_del_edge(broadcast, e);
 				edge_del(e);
 			}
 		}
@@ -178,7 +180,7 @@ void terminate_connection(connection_t *c, bool report)
 		closesocket(c->socket);
 
 	if(c->edge) {
-		if(report)
+		if(report && !tunnelserver)
 			send_del_edge(broadcast, c->edge);
 
 		edge_del(c->edge);
@@ -193,7 +195,8 @@ void terminate_connection(connection_t *c, bool report)
 			edge_t *e;
 			e = lookup_edge(c->node, myself);
 			if(e) {
-				send_del_edge(broadcast, e);
+				if(!tunnelserver)
+					send_del_edge(broadcast, e);
 				edge_del(e);
 			}
 		}

src/net_setup.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: net_setup.c,v 1.1.2.45 2003/10/11 12:16:12 guus Exp $
+    $Id: net_setup.c,v 1.1.2.46 2003/11/17 15:30:17 guus Exp $
 */
 
 #include "system.h"
@@ -291,6 +291,8 @@ bool setup_myself(void)
 	if(myself->options & OPTION_TCPONLY)
 		myself->options |= OPTION_INDIRECT;
 
+	get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
+
 	if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
 		if(!strcasecmp(mode, "router"))
 			routing_mode = RMODE_ROUTER;

src/protocol.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.c,v 1.28.4.147 2003/08/28 21:05:10 guus Exp $
+    $Id: protocol.c,v 1.28.4.148 2003/11/17 15:30:17 guus Exp $
 */
 
 #include "system.h"
@@ -30,6 +30,8 @@
 #include "utils.h"
 #include "xalloc.h"
 
+bool tunnelserver = false;
+
 /* Jumptable for the request handlers */
 
 static bool (*request_handlers[])(connection_t *) = {

src/protocol.h

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.h,v 1.5.4.44 2003/07/30 21:52:41 guus Exp $
+    $Id: protocol.h,v 1.5.4.45 2003/11/17 15:30:18 guus Exp $
 */
 
 #ifndef __TINC_PROTOCOL_H__
@@ -54,6 +54,8 @@ typedef struct past_request_t {
 	time_t firstseen;
 } past_request_t;
 
+extern bool tunnelserver;
+
 /* Maximum size of strings in a request */
 
 #define MAX_STRING_SIZE 2048

src/protocol_auth.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_auth.c,v 1.1.4.29 2003/11/10 22:31:53 guus Exp $
+    $Id: protocol_auth.c,v 1.1.4.30 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
@@ -476,19 +476,6 @@ bool send_ack(connection_t *c)
 	if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY)
 		c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
 
-	choice = false;
-	get_config_bool(lookup_config(config_tree, "Opaque"), &choice);
-	get_config_bool(lookup_config(c->config_tree, "Opaque"), &choice);
-	c->status.opaque = choice;
-
-	if(c->status.opaque)
-		c->options |= OPTION_INDIRECT;
-
-	choice = false;
-	get_config_bool(lookup_config(config_tree, "Strict"), &choice);
-	get_config_bool(lookup_config(c->config_tree, "Strict"), &choice);
-	c->status.strict = choice;
-
 	return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options);
 }
 
@@ -501,6 +488,15 @@ static void send_everything(connection_t *c)
 
 	/* Send all known subnets and edges */
 
+	if(tunnelserver) {
+		for(node = myself->subnet_tree->head; node; node = node->next) {
+			s = node->data;
+			send_add_subnet(c, s);
+		}
+
+		return;
+	}
+
 	for(node = node_tree->head; node; node = node->next) {
 		n = node->data;
 
@@ -565,8 +561,7 @@ bool ack_h(connection_t *c)
 
 	/* Send him everything we know */
 
-	if(!c->status.opaque)
-		send_everything(c);
+	send_everything(c);
 
 	/* Create an edge_t for this connection */
 
@@ -586,10 +581,10 @@ bool ack_h(connection_t *c)
 
 	/* Notify everyone of the new edge */
 
-	if(c->status.opaque)
-		send_add_edge(broadcast, c->edge);
-	else
+	if(tunnelserver)
 		send_add_edge(c, c->edge);
+	else
+		send_add_edge(broadcast, c->edge);
 
 	/* Run MST and SSSP algorithms */
 

src/protocol_edge.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_edge.c,v 1.1.4.22 2003/11/10 22:31:53 guus Exp $
+    $Id: protocol_edge.c,v 1.1.4.23 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
@@ -110,7 +110,7 @@ bool add_edge_h(connection_t *c)
 		node_add(to);
 	}
 
-	if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node)
+	if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
 		return false;
 
 	/* Convert addresses */
@@ -157,7 +157,7 @@ bool add_edge_h(connection_t *c)
 
 	/* Tell the rest about the new edge */
 
-	if(!c->status.opaque)
+	if(!tunnelserver)
 		forward_request(c);
 
 	/* Run MST before or after we tell the rest? */
@@ -225,7 +225,7 @@ bool del_edge_h(connection_t *c)
 		return true;
 	}
 
-	if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node)
+	if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
 		return false;
 
 	/* Check if edge exists */
@@ -247,7 +247,7 @@ bool del_edge_h(connection_t *c)
 
 	/* Tell the rest about the deleted edge */
 
-	if(!c->status.opaque)
+	if(!tunnelserver)
 		forward_request(c);
 
 	/* Delete the edge */
@@ -263,7 +263,8 @@ bool del_edge_h(connection_t *c)
 	if(!to->status.reachable) {
 		e = lookup_edge(to, myself);
 		if(e) {
-			send_del_edge(broadcast, e);
+			if(!tunnelserver)
+				send_del_edge(broadcast, e);
 			edge_del(e);
 		}
 	}

src/protocol_key.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_key.c,v 1.1.4.23 2003/10/11 12:16:13 guus Exp $
+    $Id: protocol_key.c,v 1.1.4.24 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
@@ -80,7 +80,8 @@ bool key_changed_h(connection_t *c)
 
 	/* Tell the others */
 
-	forward_request(c);
+	if(!tunnelserver)
+		forward_request(c);
 
 	return true;
 }
@@ -130,6 +131,9 @@ bool req_key_h(connection_t *c)
 		memset(from->late, 0, sizeof(from->late));
 		send_ans_key(c, myself, from);
 	} else {
+		if(tunnelserver)
+			return false;
+
 		send_req_key(to->nexthop->connection, from, to);
 	}
 
@@ -189,6 +193,9 @@ bool ans_key_h(connection_t *c)
 	/* Forward it if necessary */
 
 	if(to != myself) {
+		if(tunnelserver)
+			return false;
+
 		return send_request(to->nexthop->connection, "%s", c->buffer);
 	}
 

src/protocol_subnet.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol_subnet.c,v 1.1.4.16 2003/11/10 22:31:53 guus Exp $
+    $Id: protocol_subnet.c,v 1.1.4.17 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
@@ -94,7 +94,7 @@ bool add_subnet_h(connection_t *c)
 		node_add(owner);
 	}
 
-	if(c->status.opaque && owner != myself && owner != c->node)
+	if(tunnelserver && owner != myself && owner != c->node)
 		return false;
 
 	/* Check if we already know this subnet */
@@ -114,13 +114,35 @@ bool add_subnet_h(connection_t *c)
 		return true;
 	}
 
+	/* In tunnel server mode, check if the subnet matches one in the config file of this node */
+
+	if(tunnelserver) {
+		config_t *cfg;
+		subnet_t *allowed;
+
+		for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
+			if(!get_config_subnet(cfg, &allowed))
+				return false;
+
+			if(!subnet_compare(s, allowed))
+				break;
+
+			free_subnet(allowed);
+		}
+
+		if(!cfg)
+			return false;
+
+		free_subnet(allowed);
+	}
+
 	/* If everything is correct, add the subnet to the list of the owner */
 
 	subnet_add(owner, s);
 
 	/* Tell the rest */
 
-	if(!c->status.opaque)
+	if(!tunnelserver)
 		forward_request(c);
 
 	return true;
@@ -175,7 +197,7 @@ bool del_subnet_h(connection_t *c)
 		return true;
 	}
 
-	if(c->status.opaque && owner != myself && owner != c->node)
+	if(tunnelserver && owner != myself && owner != c->node)
 		return false;
 
 	/* Check if subnet string is valid */
@@ -216,7 +238,7 @@ bool del_subnet_h(connection_t *c)
 
 	/* Tell the rest */
 
-	if(!c->status.opaque)
+	if(!tunnelserver)
 		forward_request(c);
 
 	/* Finally, delete it. */

src/subnet.c

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: subnet.c,v 1.1.2.50 2003/08/28 21:05:11 guus Exp $
+    $Id: subnet.c,v 1.1.2.51 2003/11/17 15:30:18 guus Exp $
 */
 
 #include "system.h"
@@ -83,7 +83,7 @@ static int subnet_compare_ipv6(const subnet_t *a, const subnet_t *b)
 	return strcmp(a->owner->name, b->owner->name);
 }
 
-static int subnet_compare(const subnet_t *a, const subnet_t *b)
+int subnet_compare(const subnet_t *a, const subnet_t *b)
 {
 	int result;
 

src/subnet.h

@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: subnet.h,v 1.1.2.25 2003/10/06 14:33:04 guus Exp $
+    $Id: subnet.h,v 1.1.2.26 2003/11/17 15:30:18 guus Exp $
 */
 
 #ifndef __TINC_SUBNET_H__
@@ -63,6 +63,7 @@ typedef struct subnet_t {
 	} net;
 } subnet_t;
 
+extern int subnet_compare(const struct subnet_t *, const struct subnet_t *);
 extern subnet_t *new_subnet(void) __attribute__ ((__malloc__));
 extern void free_subnet(subnet_t *);
 extern void init_subnets(void);