diff --git a/src/connection.h b/src/connection.h index f075f19a..cc6ff718 100644 --- a/src/connection.h +++ b/src/connection.h @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: connection.h,v 1.1.2.37 2003/11/10 22:31:53 guus Exp $ + $Id: connection.h,v 1.1.2.38 2003/11/17 15:30:16 guus Exp $ */ #ifndef __TINC_CONNECTION_H__ @@ -41,9 +41,7 @@ typedef struct connection_status_t { int encryptout:1; /* 1 if we can encrypt outgoing traffic */ int decryptin:1; /* 1 if we have to decrypt incoming traffic */ int mst:1; /* 1 if this connection is part of a minimum spanning tree */ - int opaque:1; /* 1 if we do not forward information about other nodes */ - int strict:1; /* 1 if we strictly check edges and subnets received from this connection */ - int unused:18; + int unused:23; } connection_status_t; #include "edge.h" diff --git a/src/meta.c b/src/meta.c index 2ff272ec..0071eb55 100644 --- a/src/meta.c +++ b/src/meta.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: meta.c,v 1.1.2.49 2003/11/10 22:31:53 guus Exp $ + $Id: meta.c,v 1.1.2.50 2003/11/17 15:30:17 guus Exp $ */ #include "system.h" @@ -88,7 +88,7 @@ void broadcast_meta(connection_t *from, const char *buffer, int length) for(node = connection_tree->head; node; node = node->next) { c = node->data; - if(c != from && c->status.active && !c->status.opaque) + if(c != from && c->status.active) send_meta(c, buffer, length); } } diff --git a/src/net.c b/src/net.c index 7bf39897..e0b5e6f4 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.200 2003/08/28 21:05:10 guus Exp $ + $Id: net.c,v 1.35.4.201 2003/11/17 15:30:17 guus Exp $ */ #include "system.h" 
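Review bot: In the meta.c hunk, broadcast_meta now sends to every active connection, so once the `!c->status.opaque` test is gone nothing in this function protects tunnel-server mode. Keeping other nodes' edges and subnets away from clients then depends on each caller remembering its own `if(!tunnelserver)` guard, as the net.c and protocol_*.c hunks do. A comment above the loop would make that contract visible to whoever adds the next broadcast: `/* No per-connection filtering here: when tunnelserver is set, callers must not broadcast information about other nodes */`. The function body starts outside the hunk.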
@@ -72,14 +72,16 @@ static void purge(void) for(snode = n->subnet_tree->head; snode; snode = snext) { snext = snode->next; s = snode->data; - send_del_subnet(broadcast, s); + if(!tunnelserver) + send_del_subnet(broadcast, s); subnet_del(n, s); } for(enode = n->edge_tree->head; enode; enode = enext) { enext = enode->next; e = enode->data; - send_del_edge(broadcast, e); + if(!tunnelserver) + send_del_edge(broadcast, e); edge_del(e); } } @@ -178,7 +180,7 @@ void terminate_connection(connection_t *c, bool report) closesocket(c->socket); if(c->edge) { - if(report) + if(report && !tunnelserver) send_del_edge(broadcast, c->edge); edge_del(c->edge); @@ -193,7 +195,8 @@ void terminate_connection(connection_t *c, bool report) edge_t *e; e = lookup_edge(c->node, myself); if(e) { - send_del_edge(broadcast, e); + if(!tunnelserver) + send_del_edge(broadcast, e); edge_del(e); } } diff --git a/src/net_setup.c b/src/net_setup.c index 3a027487..0d49ae91 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_setup.c,v 1.1.2.45 2003/10/11 12:16:12 guus Exp $ + $Id: net_setup.c,v 1.1.2.46 2003/11/17 15:30:17 guus Exp $ */ #include "system.h" @@ -291,6 +291,8 @@ bool setup_myself(void) if(myself->options & OPTION_TCPONLY) myself->options |= OPTION_INDIRECT; + get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver); + if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) { if(!strcasecmp(mode, "router")) routing_mode = RMODE_ROUTER; diff --git a/src/protocol.c b/src/protocol.c index 4e37bf55..e6c13f46 100644 --- a/src/protocol.c +++ b/src/protocol.c 
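Review bot: In the net_setup.c hunk, `TunnelServer` is read without any comment or warning that it replaces the per-connection `Opaque` and `Strict` options. The send_ack hunk in protocol_auth.c deletes the reads of both keys, so a configuration that still sets them will, as far as this diff shows, be accepted silently and run without the isolation it had before. I would add a comment such as `/* TunnelServer: global replacement for the former per-connection Opaque/Strict options */`, and log a warning at setup if either old key is still present in `config_tree` or a host file. Ignoring the return value of get_config_bool is fine here because `tunnelserver` defaults to false. setup_myself continues on both sides of the hunk.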
@@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.147 2003/08/28 21:05:10 guus Exp $ + $Id: protocol.c,v 1.28.4.148 2003/11/17 15:30:17 guus Exp $ */ #include "system.h" @@ -30,6 +30,8 @@ #include "utils.h" #include "xalloc.h" +bool tunnelserver = false; + /* Jumptable for the request handlers */ static bool (*request_handlers[])(connection_t *) = { diff --git a/src/protocol.h b/src/protocol.h index e85db5d1..8951cbcd 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.h,v 1.5.4.44 2003/07/30 21:52:41 guus Exp $ + $Id: protocol.h,v 1.5.4.45 2003/11/17 15:30:18 guus Exp $ */ #ifndef __TINC_PROTOCOL_H__ @@ -54,6 +54,8 @@ typedef struct past_request_t { time_t firstseen; } past_request_t; +extern bool tunnelserver; + /* Maximum size of strings in a request */ #define MAX_STRING_SIZE 2048 diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 920324fe..8aad5834 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_auth.c,v 1.1.4.29 2003/11/10 22:31:53 guus Exp $ + $Id: protocol_auth.c,v 1.1.4.30 2003/11/17 15:30:18 guus Exp $ */ #include "system.h" 
@@ -476,19 +476,6 @@ bool send_ack(connection_t *c) if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY) c->options |= OPTION_TCPONLY | OPTION_INDIRECT; - choice = false; - get_config_bool(lookup_config(config_tree, "Opaque"), &choice); - get_config_bool(lookup_config(c->config_tree, "Opaque"), &choice); - c->status.opaque = choice; - - if(c->status.opaque) - c->options |= OPTION_INDIRECT; - - choice = false; - get_config_bool(lookup_config(config_tree, "Strict"), &choice); - get_config_bool(lookup_config(c->config_tree, "Strict"), &choice); - c->status.strict = choice; - return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options); } @@ -501,6 +488,15 @@ static void send_everything(connection_t *c) /* Send all known subnets and edges */ + if(tunnelserver) { + for(node = myself->subnet_tree->head; node; node = node->next) { + s = node->data; + send_add_subnet(c, s); + } + + return; + } + for(node = node_tree->head; node; node = node->next) { n = node->data; @@ -565,8 +561,7 @@ bool ack_h(connection_t *c) /* Send him everything we know */ - if(!c->status.opaque) - send_everything(c); + send_everything(c); /* Create an edge_t for this connection */ @@ -586,10 +581,10 @@ bool ack_h(connection_t *c) /* Notify everyone of the new edge */ - if(c->status.opaque) - send_add_edge(broadcast, c->edge); - else + if(tunnelserver) send_add_edge(c, c->edge); + else + send_add_edge(broadcast, c->edge); /* Run MST and SSSP algorithms */ diff --git a/src/protocol_edge.c b/src/protocol_edge.c index af0b2e72..9d8443c8 100644 --- a/src/protocol_edge.c +++ b/src/protocol_edge.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_edge.c,v 1.1.4.22 2003/11/10 22:31:53 guus Exp $ + $Id: protocol_edge.c,v 1.1.4.23 2003/11/17 15:30:18 guus Exp $ */ #include "system.h" 
@@ -110,7 +110,7 @@ bool add_edge_h(connection_t *c) node_add(to); } - if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node) + if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node) return false; /* Convert addresses */ @@ -157,7 +157,7 @@ bool add_edge_h(connection_t *c) /* Tell the rest about the new edge */ - if(!c->status.opaque) + if(!tunnelserver) forward_request(c); /* Run MST before or after we tell the rest? */ @@ -225,7 +225,7 @@ bool del_edge_h(connection_t *c) return true; } - if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node) + if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node) return false; /* Check if edge exists */ @@ -247,7 +247,7 @@ bool del_edge_h(connection_t *c) /* Tell the rest about the deleted edge */ - if(!c->status.opaque) + if(!tunnelserver) forward_request(c); /* Delete the edge */ @@ -263,7 +263,8 @@ bool del_edge_h(connection_t *c) if(!to->status.reachable) { e = lookup_edge(to, myself); if(e) { - send_del_edge(broadcast, e); + if(!tunnelserver) + send_del_edge(broadcast, e); edge_del(e); } } diff --git a/src/protocol_key.c b/src/protocol_key.c index f0c9bcc3..049fc1e8 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_key.c,v 1.1.4.23 2003/10/11 12:16:13 guus Exp $ + $Id: protocol_key.c,v 1.1.4.24 2003/11/17 15:30:18 guus Exp $ */ #include "system.h" @@ -80,7 +80,8 @@ bool key_changed_h(connection_t *c) /* Tell the others */ - forward_request(c); + if(!tunnelserver) + forward_request(c); return true; } @@ -130,6 +131,9 @@ bool req_key_h(connection_t *c) memset(from->late, 0, sizeof(from->late)); send_ans_key(c, myself, from); } else { + if(tunnelserver) + return false; + send_req_key(to->nexthop->connection, from, to); } 
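Review bot: In add_edge_h the tunnel-server filter runs only after the nodes named in the request have been created: the context line `node_add(to);` sits directly above the new `if(tunnelserver && from != myself && ...)` test, so a request that is then refused still leaves a node entry behind. The same ordering is visible in add_subnet_h, where `node_add(owner);` precedes its filter. Moving the test ahead of node creation (look both names up, refuse when neither endpoint is `myself` or `c->node`, then create whatever is missing) keeps a rejected peer from growing the node tree. The four-way condition is also repeated verbatim in del_edge_h, and a small static helper would keep the two copies in step. Both handlers begin and end outside these hunks.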
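Review bot: The `if(tunnelserver) return false;` added to req_key_h refuses a relayed key request without recording why, and the ans_key_h hunk does the same. If a false return from a handler tears the connection down, which these hunks do not show, an operator sees a client drop with nothing in the log pointing to the tunnel-server policy. I would put `/* tunnel server: never relay key exchanges between clients */` above each test and emit a protocol-level log line naming `c`, `from` and `to` before returning. Both handler bodies extend beyond the hunks.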
@@ -189,6 +193,9 @@ bool ans_key_h(connection_t *c) /* Forward it if necessary */ if(to != myself) { + if(tunnelserver) + return false; + return send_request(to->nexthop->connection, "%s", c->buffer); } diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c index cb33ba0a..e0297b99 100644 --- a/src/protocol_subnet.c +++ b/src/protocol_subnet.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol_subnet.c,v 1.1.4.16 2003/11/10 22:31:53 guus Exp $ + $Id: protocol_subnet.c,v 1.1.4.17 2003/11/17 15:30:18 guus Exp $ */ #include "system.h" @@ -94,7 +94,7 @@ bool add_subnet_h(connection_t *c) node_add(owner); } - if(c->status.opaque && owner != myself && owner != c->node) + if(tunnelserver && owner != myself && owner != c->node) return false; /* Check if we already know this subnet */ @@ -114,13 +114,35 @@ bool add_subnet_h(connection_t *c) return true; } + /* In tunnel server mode, check if the subnet matches one in the config file of this node */ + + if(tunnelserver) { + config_t *cfg; + subnet_t *allowed; + + for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) { + if(!get_config_subnet(cfg, &allowed)) + return false; + + if(!subnet_compare(s, allowed)) + break; + + free_subnet(allowed); + } + + if(!cfg) + return false; + + free_subnet(allowed); + } + /* If everything is correct, add the subnet to the list of the owner */ subnet_add(owner, s); /* Tell the rest */ - if(!c->status.opaque) + if(!tunnelserver) forward_request(c); return true; @@ -175,7 +197,7 @@ bool del_subnet_h(connection_t *c) return true; } - if(c->status.opaque && owner != myself && owner != c->node) + if(tunnelserver && owner != myself && owner != c->node) return false; /* Check if subnet string is valid */ 
@@ -216,7 +238,7 @@ bool del_subnet_h(connection_t *c) /* Tell the rest */ - if(!c->status.opaque) + if(!tunnelserver) forward_request(c); /* Finally, delete it. */ diff --git a/src/subnet.c b/src/subnet.c index 5d88ca68..ae8d029e 100644 --- a/src/subnet.c +++ b/src/subnet.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: subnet.c,v 1.1.2.50 2003/08/28 21:05:11 guus Exp $ + $Id: subnet.c,v 1.1.2.51 2003/11/17 15:30:18 guus Exp $ */ #include "system.h" @@ -83,7 +83,7 @@ static int subnet_compare_ipv6(const subnet_t *a, const subnet_t *b) return strcmp(a->owner->name, b->owner->name); } -static int subnet_compare(const subnet_t *a, const subnet_t *b) +int subnet_compare(const subnet_t *a, const subnet_t *b) { int result; diff --git a/src/subnet.h b/src/subnet.h index 0bf3b91c..c055edae 100644 --- a/src/subnet.h +++ b/src/subnet.h @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: subnet.h,v 1.1.2.25 2003/10/06 14:33:04 guus Exp $ + $Id: subnet.h,v 1.1.2.26 2003/11/17 15:30:18 guus Exp $ */ #ifndef __TINC_SUBNET_H__ @@ -63,6 +63,7 @@ typedef struct subnet_t { } net; } subnet_t; +extern int subnet_compare(const struct subnet_t *, const struct subnet_t *); extern subnet_t *new_subnet(void) __attribute__ ((__malloc__)); extern void free_subnet(subnet_t *); extern void init_subnets(void);