Replace Opaque and Strict options with a TunnelServer option.

Guus Sliepen 2003-11-17 15:30:18 +00:00
parent 0e59fb022c
commit e3220cacb5
12 changed files with 82 additions and 49 deletions


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.h,v 1.1.2.37 2003/11/10 22:31:53 guus Exp $ $Id: connection.h,v 1.1.2.38 2003/11/17 15:30:16 guus Exp $
*/ */
#ifndef __TINC_CONNECTION_H__ #ifndef __TINC_CONNECTION_H__
@ -41,9 +41,7 @@ typedef struct connection_status_t {
int encryptout:1; /* 1 if we can encrypt outgoing traffic */ int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */ int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int mst:1; /* 1 if this connection is part of a minimum spanning tree */ int mst:1; /* 1 if this connection is part of a minimum spanning tree */
int opaque:1; /* 1 if we do not forward information about other nodes */ int unused:23;
int strict:1; /* 1 if we strictly check edges and subnets received from this connection */
int unused:18;
} connection_status_t; } connection_status_t;
#include "edge.h" #include "edge.h"


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: meta.c,v 1.1.2.49 2003/11/10 22:31:53 guus Exp $ $Id: meta.c,v 1.1.2.50 2003/11/17 15:30:17 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -88,7 +88,7 @@ void broadcast_meta(connection_t *from, const char *buffer, int length)
for(node = connection_tree->head; node; node = node->next) { for(node = connection_tree->head; node; node = node->next) {
c = node->data; c = node->data;
if(c != from && c->status.active && !c->status.opaque) if(c != from && c->status.active)
send_meta(c, buffer, length); send_meta(c, buffer, length);
} }
} }
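Review bot: With the `!c->status.opaque` test gone from the loop in broadcast_meta, nothing in the broadcast path itself keeps topology messages away from peers in TunnelServer mode. The isolation now depends on each caller wrapping its call in `if(!tunnelserver)`, as the net.c, protocol_edge.c and protocol_key.c hunks of this commit do, so a broadcast call site this commit did not touch, or one added later, would send to every active connection. If no broadcast is ever meant to go out in that mode, a single guard at the top of this function, `if(tunnelserver) return;`, fails closed. If some broadcasts are intended, a comment above the loop such as `/* Callers must check tunnelserver before broadcasting topology changes */` records the rule. The function begins outside the hunk.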


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.c,v 1.35.4.200 2003/08/28 21:05:10 guus Exp $ $Id: net.c,v 1.35.4.201 2003/11/17 15:30:17 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -72,14 +72,16 @@ static void purge(void)
for(snode = n->subnet_tree->head; snode; snode = snext) { for(snode = n->subnet_tree->head; snode; snode = snext) {
snext = snode->next; snext = snode->next;
s = snode->data; s = snode->data;
send_del_subnet(broadcast, s); if(!tunnelserver)
send_del_subnet(broadcast, s);
subnet_del(n, s); subnet_del(n, s);
} }
for(enode = n->edge_tree->head; enode; enode = enext) { for(enode = n->edge_tree->head; enode; enode = enext) {
enext = enode->next; enext = enode->next;
e = enode->data; e = enode->data;
send_del_edge(broadcast, e); if(!tunnelserver)
send_del_edge(broadcast, e);
edge_del(e); edge_del(e);
} }
} }
@ -178,7 +180,7 @@ void terminate_connection(connection_t *c, bool report)
closesocket(c->socket); closesocket(c->socket);
if(c->edge) { if(c->edge) {
if(report) if(report && !tunnelserver)
send_del_edge(broadcast, c->edge); send_del_edge(broadcast, c->edge);
edge_del(c->edge); edge_del(c->edge);
@ -193,7 +195,8 @@ void terminate_connection(connection_t *c, bool report)
edge_t *e; edge_t *e;
e = lookup_edge(c->node, myself); e = lookup_edge(c->node, myself);
if(e) { if(e) {
send_del_edge(broadcast, e); if(!tunnelserver)
send_del_edge(broadcast, e);
edge_del(e); edge_del(e);
} }
} }


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_setup.c,v 1.1.2.45 2003/10/11 12:16:12 guus Exp $ $Id: net_setup.c,v 1.1.2.46 2003/11/17 15:30:17 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -291,6 +291,8 @@ bool setup_myself(void)
if(myself->options & OPTION_TCPONLY) if(myself->options & OPTION_TCPONLY)
myself->options |= OPTION_INDIRECT; myself->options |= OPTION_INDIRECT;
get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) { if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
if(!strcasecmp(mode, "router")) if(!strcasecmp(mode, "router"))
routing_mode = RMODE_ROUTER; routing_mode = RMODE_ROUTER;
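Review bot: The return value of `get_config_bool` for "TunnelServer" is discarded in setup_myself, so if the option is present but cannot be parsed, `tunnelserver` presumably stays `false` and the daemon starts in normal forwarding mode, which is the less restrictive behaviour. Because this option is an isolation control, a present-but-invalid value is better treated as a startup error: `cfg = lookup_config(config_tree, "TunnelServer"); if(cfg && !get_config_bool(cfg, &tunnelserver)) return false;` with `config_t *cfg` declared alongside the other locals. How get_config_bool reports a bad value is not visible in this hunk, so confirm that against its definition. setup_myself starts and ends outside the hunk.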


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.c,v 1.28.4.147 2003/08/28 21:05:10 guus Exp $ $Id: protocol.c,v 1.28.4.148 2003/11/17 15:30:17 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -30,6 +30,8 @@
#include "utils.h" #include "utils.h"
#include "xalloc.h" #include "xalloc.h"
bool tunnelserver = false;
/* Jumptable for the request handlers */ /* Jumptable for the request handlers */
static bool (*request_handlers[])(connection_t *) = { static bool (*request_handlers[])(connection_t *) = {


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.h,v 1.5.4.44 2003/07/30 21:52:41 guus Exp $ $Id: protocol.h,v 1.5.4.45 2003/11/17 15:30:18 guus Exp $
*/ */
#ifndef __TINC_PROTOCOL_H__ #ifndef __TINC_PROTOCOL_H__
@ -54,6 +54,8 @@ typedef struct past_request_t {
time_t firstseen; time_t firstseen;
} past_request_t; } past_request_t;
extern bool tunnelserver;
/* Maximum size of strings in a request */ /* Maximum size of strings in a request */
#define MAX_STRING_SIZE 2048 #define MAX_STRING_SIZE 2048


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_auth.c,v 1.1.4.29 2003/11/10 22:31:53 guus Exp $ $Id: protocol_auth.c,v 1.1.4.30 2003/11/17 15:30:18 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -476,19 +476,6 @@ bool send_ack(connection_t *c)
if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY) if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY)
c->options |= OPTION_TCPONLY | OPTION_INDIRECT; c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
choice = false;
get_config_bool(lookup_config(config_tree, "Opaque"), &choice);
get_config_bool(lookup_config(c->config_tree, "Opaque"), &choice);
c->status.opaque = choice;
if(c->status.opaque)
c->options |= OPTION_INDIRECT;
choice = false;
get_config_bool(lookup_config(config_tree, "Strict"), &choice);
get_config_bool(lookup_config(c->config_tree, "Strict"), &choice);
c->status.strict = choice;
return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options); return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options);
} }
@ -501,6 +488,15 @@ static void send_everything(connection_t *c)
/* Send all known subnets and edges */ /* Send all known subnets and edges */
if(tunnelserver) {
for(node = myself->subnet_tree->head; node; node = node->next) {
s = node->data;
send_add_subnet(c, s);
}
return;
}
for(node = node_tree->head; node; node = node->next) { for(node = node_tree->head; node; node = node->next) {
n = node->data; n = node->data;
@ -565,8 +561,7 @@ bool ack_h(connection_t *c)
/* Send him everything we know */ /* Send him everything we know */
if(!c->status.opaque) send_everything(c);
send_everything(c);
/* Create an edge_t for this connection */ /* Create an edge_t for this connection */
@ -586,10 +581,10 @@ bool ack_h(connection_t *c)
/* Notify everyone of the new edge */ /* Notify everyone of the new edge */
if(c->status.opaque) if(tunnelserver)
send_add_edge(broadcast, c->edge);
else
send_add_edge(c, c->edge); send_add_edge(c, c->edge);
else
send_add_edge(broadcast, c->edge);
/* Run MST and SSSP algorithms */ /* Run MST and SSSP algorithms */
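Review bot: The block removed from send_ack was the only visible reader of the "Opaque" and "Strict" settings, and nothing added here reports them when they are still present, so a host that relied on either option would lose those checks after upgrading unless TunnelServer is also set. A one-time warning at startup when either key is found would make that visible, e.g. `if(lookup_config(config_tree, "Strict") || lookup_config(config_tree, "Opaque"))` followed by a log line pointing to TunnelServer, with the same test on each host's `c->config_tree`. The old options could be set per connection while `tunnelserver` is a single global, which is worth stating where the option is documented. Whether the config parser already warns about unknown keys is not visible on this page.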


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_edge.c,v 1.1.4.22 2003/11/10 22:31:53 guus Exp $ $Id: protocol_edge.c,v 1.1.4.23 2003/11/17 15:30:18 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -110,7 +110,7 @@ bool add_edge_h(connection_t *c)
node_add(to); node_add(to);
} }
if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node) if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
return false; return false;
/* Convert addresses */ /* Convert addresses */
@ -157,7 +157,7 @@ bool add_edge_h(connection_t *c)
/* Tell the rest about the new edge */ /* Tell the rest about the new edge */
if(!c->status.opaque) if(!tunnelserver)
forward_request(c); forward_request(c);
/* Run MST before or after we tell the rest? */ /* Run MST before or after we tell the rest? */
@ -225,7 +225,7 @@ bool del_edge_h(connection_t *c)
return true; return true;
} }
if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node) if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
return false; return false;
/* Check if edge exists */ /* Check if edge exists */
@ -247,7 +247,7 @@ bool del_edge_h(connection_t *c)
/* Tell the rest about the deleted edge */ /* Tell the rest about the deleted edge */
if(!c->status.opaque) if(!tunnelserver)
forward_request(c); forward_request(c);
/* Delete the edge */ /* Delete the edge */
@ -263,7 +263,8 @@ bool del_edge_h(connection_t *c)
if(!to->status.reachable) { if(!to->status.reachable) {
e = lookup_edge(to, myself); e = lookup_edge(to, myself);
if(e) { if(e) {
send_del_edge(broadcast, e); if(!tunnelserver)
send_del_edge(broadcast, e);
edge_del(e); edge_del(e);
} }
} }
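Review bot: The TunnelServer filter in add_edge_h and del_edge_h is now the check that bounds what a peer may say about the graph, and it carries no comment explaining what it admits. As written it rejects an edge only when neither endpoint is this node or the sending peer, so an edge between the sender and any third node is still accepted. A comment above each condition would make that intent reviewable, for example `/* In tunnel server mode, only accept edges that have us or the sending peer as an endpoint */`. If the intent is stricter (only edges between the peer and this node), the condition needs tightening rather than a comment. Both functions start and end outside the hunks shown.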


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_key.c,v 1.1.4.23 2003/10/11 12:16:13 guus Exp $ $Id: protocol_key.c,v 1.1.4.24 2003/11/17 15:30:18 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -80,7 +80,8 @@ bool key_changed_h(connection_t *c)
/* Tell the others */ /* Tell the others */
forward_request(c); if(!tunnelserver)
forward_request(c);
return true; return true;
} }
@ -130,6 +131,9 @@ bool req_key_h(connection_t *c)
memset(from->late, 0, sizeof(from->late)); memset(from->late, 0, sizeof(from->late));
send_ans_key(c, myself, from); send_ans_key(c, myself, from);
} else { } else {
if(tunnelserver)
return false;
send_req_key(to->nexthop->connection, from, to); send_req_key(to->nexthop->connection, from, to);
} }
@ -189,6 +193,9 @@ bool ans_key_h(connection_t *c)
/* Forward it if necessary */ /* Forward it if necessary */
if(to != myself) { if(to != myself) {
if(tunnelserver)
return false;
return send_request(to->nexthop->connection, "%s", c->buffer); return send_request(to->nexthop->connection, "%s", c->buffer);
} }
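Review bot: The two new `return false` paths in req_key_h and ans_key_h refuse to relay a key request or answer addressed to another node, but they do so without a log line, so an operator cannot tell a refused relay from any other failed request. A message before each return naming the connection and the request type would give something to alert on, e.g. `logger(LOG_WARNING, "Refusing to forward REQ_KEY from %s in TunnelServer mode", c->name);`; the new subnet check in add_subnet_h (protocol_subnet.c) rejects silently in the same way. It also looks as if a false return from a handler ends the connection, which is not visible here, so confirm that dropping the peer is intended for ans_key_h as well as req_key_h. Both handlers begin outside the hunks.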


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_subnet.c,v 1.1.4.16 2003/11/10 22:31:53 guus Exp $ $Id: protocol_subnet.c,v 1.1.4.17 2003/11/17 15:30:18 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -94,7 +94,7 @@ bool add_subnet_h(connection_t *c)
node_add(owner); node_add(owner);
} }
if(c->status.opaque && owner != myself && owner != c->node) if(tunnelserver && owner != myself && owner != c->node)
return false; return false;
/* Check if we already know this subnet */ /* Check if we already know this subnet */
@ -114,13 +114,35 @@ bool add_subnet_h(connection_t *c)
return true; return true;
} }
/* In tunnel server mode, check if the subnet matches one in the config file of this node */
if(tunnelserver) {
config_t *cfg;
subnet_t *allowed;
for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
if(!get_config_subnet(cfg, &allowed))
return false;
if(!subnet_compare(s, allowed))
break;
free_subnet(allowed);
}
if(!cfg)
return false;
free_subnet(allowed);
}
/* If everything is correct, add the subnet to the list of the owner */ /* If everything is correct, add the subnet to the list of the owner */
subnet_add(owner, s); subnet_add(owner, s);
/* Tell the rest */ /* Tell the rest */
if(!c->status.opaque) if(!tunnelserver)
forward_request(c); forward_request(c);
return true; return true;
@ -175,7 +197,7 @@ bool del_subnet_h(connection_t *c)
return true; return true;
} }
if(c->status.opaque && owner != myself && owner != c->node) if(tunnelserver && owner != myself && owner != c->node)
return false; return false;
/* Check if subnet string is valid */ /* Check if subnet string is valid */
@ -216,7 +238,7 @@ bool del_subnet_h(connection_t *c)
/* Tell the rest */ /* Tell the rest */
if(!c->status.opaque) if(!tunnelserver)
forward_request(c); forward_request(c);
/* Finally, delete it. */ /* Finally, delete it. */
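Review bot: In the new TunnelServer check in add_subnet_h, `subnet_compare(s, allowed)` is called on a subnet freshly returned by get_config_subnet, while the only visible tail of the comparison code (subnet_compare_ipv6 in subnet.c) ends in `strcmp(a->owner->name, b->owner->name)`. If get_config_subnet leaves `allowed->owner` unset, or `s->owner` is not assigned until subnet_add, a match on the address part reaches that strcmp with a null owner, and a peer's announcement would crash the daemon instead of being authorised; a guard may exist just above the visible line in subnet.c, so verify. Either give both sides an owner before comparing, e.g. `allowed->owner = owner;` (and the same for `s` if needed), or make the compare functions return the address result when an owner is missing. Also check that `s` is released on the two new `return false` paths; its allocation is outside the hunk, so this is inferred.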


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.c,v 1.1.2.50 2003/08/28 21:05:11 guus Exp $ $Id: subnet.c,v 1.1.2.51 2003/11/17 15:30:18 guus Exp $
*/ */
#include "system.h" #include "system.h"
@ -83,7 +83,7 @@ static int subnet_compare_ipv6(const subnet_t *a, const subnet_t *b)
return strcmp(a->owner->name, b->owner->name); return strcmp(a->owner->name, b->owner->name);
} }
static int subnet_compare(const subnet_t *a, const subnet_t *b) int subnet_compare(const subnet_t *a, const subnet_t *b)
{ {
int result; int result;


@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.h,v 1.1.2.25 2003/10/06 14:33:04 guus Exp $ $Id: subnet.h,v 1.1.2.26 2003/11/17 15:30:18 guus Exp $
*/ */
#ifndef __TINC_SUBNET_H__ #ifndef __TINC_SUBNET_H__
@ -63,6 +63,7 @@ typedef struct subnet_t {
} net; } net;
} subnet_t; } subnet_t;
extern int subnet_compare(const struct subnet_t *, const struct subnet_t *);
extern subnet_t *new_subnet(void) __attribute__ ((__malloc__)); extern subnet_t *new_subnet(void) __attribute__ ((__malloc__));
extern void free_subnet(subnet_t *); extern void free_subnet(subnet_t *);
extern void init_subnets(void); extern void init_subnets(void);