- Second fixing-things pass: it even links now.

- Lots of FIXME comments added to the source code.
2000-10-14 17:04:16 +00:00 · 2000-10-14 17:04:16 +00:00 · e9635ae38e
commit e9635ae38e
parent 6a8c2e346e
10 changed files with 159 additions and 84 deletions
--- a/lib/utils.c
+++ b/lib/utils.c
@ -17,6 +17,9 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 #include <sys/types.h>
 #include <ctype.h>
 #include "config.h"
 #include <utils.h>
@ -24,3 +27,29 @@
 volatile int cp_line;
 volatile char *cp_file;
 char *charbin2hex = "0123456789ABCDEF";
 int charhex2bin(char c)
 {
  if(isdigit(c))
    return c - '0';
  else
    return tolower(c) - 'a' + 10;
 }
 void hex2bin(char *src, char *dst, size_t length)
 {
  size_t i;
  for(i=0; i<length; i++)
    dst[i] = charhex2bin(src[i*2])<<4 || charhex2bin(src[i*2+1]);
 }
 void bin2hex(char *src, char *dst, size_t length)
 {
  size_t i;
  for(i=length-1; i>=0; i--)
    {
      dst[i*2+1] = charbin2hex[src[i] & 15];
      dst[i*2] = charbin2hex[src[i]>>4];
    }
 }
--- a/lib/utils.h
+++ b/lib/utils.h
@ -20,6 +20,8 @@
 #ifndef __TINC_UTILS_H__
 #define __TINC_UTILS_H__
 #include <ctype.h>
 enum {
  DEBUG_CONNECTIONS = 0,
  DEBUG_PROTOCOL,
@ -35,4 +37,7 @@ enum {
 extern volatile int cp_line;
 extern volatile char *cp_file;
 extern void hex2bin(char *src, char *dst, size_t length);
 extern void bin2hex(char *src, char *dst, size_t length);
 #endif /* __TINC_UTILS_H__ */
--- a/src/conf.c
+++ b/src/conf.c
@ -19,7 +19,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: conf.c,v 1.9.4.12 2000/10/11 22:00:57 guus Exp $
+    $Id: conf.c,v 1.9.4.13 2000/10/14 17:04:12 guus Exp $
 */
@ -38,13 +38,13 @@
 #include <utils.h> /* for cp */
 #include "config.h"
-
+#include "connlist.h"
 #include "system.h"
 config_t *config;
 int debug_lvl = 0;
 int timeout = 0; /* seconds before timeout */
-char *configfilename = NULL;
+char *confbase = NULL;           /* directory in which all config files are */
 /* Will be set if HUP signal is received. It will be processed when it is safe. */
 int sighup = 0;
@ -210,6 +210,18 @@ cp
  return err;
 }
 int read_server_config()
 {
  char *fname;
  int x;
 cp
  asprintf(fname, "%s/tinc.conf", confbase);
  x = read_config_file(&config, fname);
  free(fname);
 cp
  return x;  
 }
 /*
  Look up the value of the config option type
 */
--- a/src/conf.h
+++ b/src/conf.h
@ -17,7 +17,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: conf.h,v 1.6.4.11 2000/10/11 22:00:58 guus Exp $
+    $Id: conf.h,v 1.6.4.12 2000/10/14 17:04:13 guus Exp $
 */
 #ifndef __TINC_CONF_H__
@ -87,12 +87,13 @@ extern int debug_lvl;
 extern int timeout;
 extern int upstreamindex;
 extern int sighup;
-extern char *configfilename;
+extern char *confbase;
 extern config_t *add_config_val(config_t **, int, char *);
 extern int read_config_file(config_t **, const char *);
 extern const config_t *get_config_val(config_t *, which_t type);
 extern const config_t *get_next_config_val(config_t *, which_t type, int);
 extern void clear_config();
 extern int read_server_config(void);
 #endif /* __TINC_CONF_H__ */
--- a/src/connlist.c
+++ b/src/connlist.c
@ -17,15 +17,17 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: connlist.c,v 1.1.2.2 2000/10/11 22:00:58 guus Exp $
+    $Id: connlist.c,v 1.1.2.3 2000/10/14 17:04:13 guus Exp $
 */
 #include <syslog.h>
 #include "net.h"	/* Don't ask. */
 #include "config.h"
 #include "conf.h"
 #include <utils.h>
-#include "net.h"	/* Don't ask. */
+#include "system.h"
 /* Root of the connection list */
@ -55,8 +57,10 @@ cp
    free(p->name);
  if(p->hostname)
    free(p->hostname);
-  free_key(p->public_key);
+  if(p->public_key)
-  free_key(p->datakey);
+    RSA_free(p->public_key);
  if(p->cipher_pktkey)
    free(p->cipher_pktkey);
  free(p);
 cp
 }
@ -79,7 +83,7 @@ cp
 	  else
 	    conn_list = next;
-	  free_conn_element(p);
+	  free_conn_list(p);
 	}
      else
 	prev = p;
@ -99,7 +103,7 @@ cp
  for(p = conn_list; p != NULL; )
    {
      next = p->next;
-      free_conn_element(p);
+      free_conn_list(p);
      p = next;
    }
@ -204,3 +208,15 @@ cp
  syslog(LOG_DEBUG, _("End of connection list."));
 cp
 }
 int read_host_config(conn_list_t *cl)
 {
  char *fname;
  int x;
 cp
  asprintf(fname, "%s/hosts/%s", confbase, cl->name);
  x = read_config_file(&cl->config, fname);
  free(fname);
 cp
  return x;
 }
--- a/src/connlist.h
+++ b/src/connlist.h
@ -17,13 +17,14 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: connlist.h,v 1.1.2.2 2000/10/11 22:00:58 guus Exp $
+    $Id: connlist.h,v 1.1.2.3 2000/10/14 17:04:13 guus Exp $
 */
 #ifndef __TINC_CONNLIST_H__
 #define __TINC_CONNLIST_H__
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include "net.h"
 #include "conf.h"
@ -43,9 +44,7 @@ typedef struct conn_list_t {
  packet_queue_t *sq;              /* pending outgoing packets */
  packet_queue_t *rq;              /* pending incoming packets (they have no
 				      valid key to be decrypted with) */
-  enc_key_t *public_key;           /* the other party's public key */
+  RSA *public_key;                 /* the other party's public key */
  enc_key_t *datakey;              /* encrypt data packets with this key */
  enc_key_t *rsakey;
  EVP_CIPHER_CTX *cipher_inctx;    /* Context of encrypted meta data that will come from him to us */
  EVP_CIPHER_CTX *cipher_outctx;   /* Context of encrypted meta data that will be sent from us to him */
@ -53,7 +52,6 @@ typedef struct conn_list_t {
  EVP_CIPHER_CTX *cipher_pktctx;   /* Context of encrypted vpn packets that will be sent to him */
  EVP_CIPHER *cipher_pkttype;      /* Cipher type for encrypted vpn packets */ 
  char *cipher_pktkey;             /* Cipher key */
  char *cipher_pktiv;              /* Cipher input vector */
  char *buffer;                    /* metadata input buffer */
  int buflen;                      /* bytes read into buffer */
@ -92,5 +90,6 @@ extern conn_list_t *lookup_conn_list_mac(mac_t);
 extern conn_list_t *lookup_conn_list_ipv4(ipv4_t);
 extern conn_list_t *lookup_conn_list_ipv6(ipv6_t);
 extern void dump_conn_list(void);
 extern int read_host_config(conn_list_t *);
 #endif /* __TINC_CONNLIST_H__ */
--- a/src/net.c
+++ b/src/net.c
@ -17,7 +17,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: net.c,v 1.35.4.34 2000/10/11 22:00:58 guus Exp $
+    $Id: net.c,v 1.35.4.35 2000/10/14 17:04:13 guus Exp $
 */
 #include "config.h"
@ -59,10 +59,6 @@ int total_socket_out = 0;
 int upstreamindex = 0;
 static int seconds_till_retry;
 /* The global list of existing connections */
 conn_list_t *conn_list = NULL;
 conn_list_t *myself = NULL;
 /*
  strip off the MAC adresses of an ethernet frame
 */
@ -95,7 +91,7 @@ int xsend(conn_list_t *cl, vpn_packet_t *inpkt)
  int outlen, outpad;
 cp
  outpkt.len = inpkt->len;
-  EVP_EncryptInit(cl->cipher_pktctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktiv);
+  EVP_EncryptInit(cl->cipher_pktctx, cl->cipher_pkttype, cl->cipher_pktkey, NULL);
  EVP_EncryptUpdate(cl->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
  EVP_EncryptFinal(cl->cipher_pktctx, outpkt.data + outlen, &outpad);
  outlen += outpad;
@ -128,7 +124,7 @@ cp
           inpkt->len);
  outpkt.len = inpkt->len;
-  EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, myself->cipher_pktiv);
+  EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, NULL);
  EVP_DecryptUpdate(myself->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
  /* FIXME: grok DecryptFinal  
  EVP_DecryptFinal(myself->cipher_pktctx, outpkt.data + outlen, &outpad);
@ -289,9 +285,6 @@ cp
  /* FIXME - check for indirection and reprogram it The Right Way(tm) this time. */
  if(my_key_expiry <= time(NULL))
    regenerate_keys();
  if(!cl->status.dataopen)
    if(setup_vpn_connection(cl) < 0)
      {
@ -538,7 +531,7 @@ cp
    {
      syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
             ncn->hostname);
-      free_conn_element(ncn);
+      free_conn_list(ncn);
      return -1;
    }
@ -559,7 +552,7 @@ int setup_myself(void)
 cp
  myself = new_conn_list();
-  myself->hostname = "MYSELF"; /* FIXME? */
+  asprintf(&myself->hostname, "MYSELF"); /* FIXME? Do hostlookup on ourselves? */
  myself->flags = 0;
  if(!(cfg = get_config_val(config, tincname))) /* Not acceptable */
@ -569,17 +562,29 @@ cp
    }
  else
    myself->name = (char*)cfg->data.val;
  if(check_id(myself->name))
    {
      syslog(LOG_ERR, _("Invalid name for myself!"));
      return -1;
    }
  if(read_host_config(myself))
    {
      syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
      return -1;
    }
-  if(!(cfg = get_config_val(myself, port)))
+  if(!(cfg = get_config_val(myself->config, port)))
    myself->port = 655;
  else
    myself->port = cfg->data.val;
-  if((cfg = get_config_val(config, indirectdata)))
+  if((cfg = get_config_val(myself->config, indirectdata)))
    if(cfg->data.val == stupid_true)
      myself->flags |= EXPORTINDIRECTDATA;
-  if((cfg = get_config_val(config, tcponly)))
+  if((cfg = get_config_val(myself->config, tcponly)))
    if(cfg->data.val == stupid_true)
      myself->flags |= TCPONLY;
@ -780,9 +785,9 @@ cp
    syslog(LOG_NOTICE, _("Connection from %s port %d"),
         p->hostname, htons(ci.sin_port));
-  if(send_basic_info(p) < 0)
+  if(send_id(p) < 0)
    {
-      free_conn_element(p);
+      free_conn_list(p);
      return NULL;
    }
 cp
@ -860,12 +865,6 @@ cp
  if(debug_lvl > 0)
    syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
           cl->name, cl->hostname);
  if(cl->status.timeout)
    send_timeout(cl);
 /*  else if(!cl->status.termreq)
    send_termreq(cl);
 */
  if(cl->socket)
    close(cl->socket);
@ -875,8 +874,11 @@ cp
  cl->status.remove = 1;
  /* If this cl isn't active, don't send any DEL_HOSTs. */
 /* FIXME: reprogram this.
  if(cl->status.active)
    notify_others(cl,NULL,send_del_host);
 */
 cp
  /* Find all connections that were lost because they were behind cl
@ -887,7 +889,9 @@ cp
        if((p->nexthop == cl) && (p != cl))
          {
            if(cl->status.active && p->status.active)
 /* FIXME: reprogram this
              notify_others(p,cl,send_del_host);
 */;
           if(cl->socket)
             close(cl->socket);
 	    p->status.active = 0;
@ -1106,6 +1110,7 @@ cp
      if(sighup)
        {
          sighup = 0;
 /* FIXME: reprogram this.
 	  if(debug_lvl > 1)
 	    syslog(LOG_INFO, _("Rereading configuration file"));
          close_network_connections();
@ -1117,6 +1122,7 @@ cp
            }
          sleep(5);
          setup_network_connections();
 */
          continue;
        }
--- a/src/net.h
+++ b/src/net.h
@ -16,7 +16,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: net.h,v 1.9.4.15 2000/10/11 22:01:00 guus Exp $
+    $Id: net.h,v 1.9.4.16 2000/10/14 17:04:15 guus Exp $
 */
 #ifndef __TINC_NET_H__
@ -25,7 +25,6 @@
 #include <sys/time.h>
 #include "config.h"
 #include "conf.h"
 #define MAXSIZE 1700  /* should be a bit more than the MTU for the tapdevice */
 #define MTU 1600
--- a/src/protocol.c
+++ b/src/protocol.c
@ -17,7 +17,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: protocol.c,v 1.28.4.38 2000/10/11 22:01:00 guus Exp $
+    $Id: protocol.c,v 1.28.4.39 2000/10/14 17:04:15 guus Exp $
 */
 #include "config.h"
@ -399,9 +399,10 @@ cp
  /* Exchange information about other tinc daemons */
 /* FIXME: reprogram this.
  notify_others(cl, NULL, send_add_host);
  notify_one(cl);
-
+*/
  upstreamindex = 0;
 cp
@ -653,9 +654,9 @@ cp
  conn_list_add(conn_list, new);
  /* Tell the rest about the new host */
-
+/* FIXME: reprogram this.
  notify_others(new, cl, send_add_host);
-
+*/
 cp
  return 0;
 }
@ -942,7 +943,7 @@ cp
  if(!strcmp(to_id, myself->name))
    {
-      send_ans_key(myself, from, myself->datakey->key);
+      send_ans_key(myself, from, myself->cipher_pktkey);
    }
  else
    {
@ -961,20 +962,20 @@ cp
  return 0;
 }
-int send_ans_key(conn_list_t *from, conn_list_t *to, char *datakey)
+int send_ans_key(conn_list_t *from, conn_list_t *to, char *pktkey)
 {
 cp
  return send_request(to->nexthop, "%d %s %s %s", ANS_KEY,
-                      from->name, to->name, datakey);
+                      from->name, to->name, pktkey);
 }
 int ans_key_h(conn_list_t *cl)
 {
-  char *from_id, *to_id, *datakey;
+  char *from_id, *to_id, *pktkey;
  int keylength;
  conn_list_t *from, *to;
 cp
-  if(sscanf(cl->buffer, "%*d %as %as %as", &from_id, &to_id, &datakey) != 3)
+  if(sscanf(cl->buffer, "%*d %as %as %as", &from_id, &to_id, &pktkey) != 3)
    {
       syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
              cl->name, cl->hostname);
@ -985,7 +986,7 @@ cp
    {
      syslog(LOG_ERR, _("Got ANS_KEY from %s (%s) origin %s which does not exist in our connection list"),
             cl->name, cl->hostname, from_id);
-      free(from_id); free(to_id); free(datakey);
+      free(from_id); free(to_id); free(pktkey);
      return -1;
    }
@ -995,18 +996,18 @@ cp
    {
      /* It is for us, convert it to binary and set the key with it. */
-      keylength = strlen(datakey);
+      keylength = strlen(pktkey);
      if((keylength%2) || (keylength <= 0))
        {
          syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s) origin %s: invalid key"),
                 cl->name, cl->hostname, from->name);
-          free(from_id); free(to_id); free(datakey);
+          free(from_id); free(to_id); free(pktkey);
          return -1;
        }
      keylength /= 2;
-      hex2bin(datakey, datakey, keylength);
+      hex2bin(pktkey, pktkey, keylength);
-      BF_set_key(cl->datakey, keylength, datakey);
+      BF_set_key(cl->cipher_pktkey, keylength, pktkey);
    }
  else
    {
@ -1014,13 +1015,13 @@ cp
        {
          syslog(LOG_ERR, _("Got ANS_KEY from %s (%s) destination %s which does not exist in our connection list"),
                 cl->name, cl->hostname, to_id);
-          free(from_id); free(to_id); free(datakey);
+          free(from_id); free(to_id); free(pktkey);
          return -1;
        }
-      send_ans_key(from, to, datakey);
+      send_ans_key(from, to, pktkey);
    }
-  free(from_id); free(to_id); free(datakey);
+  free(from_id); free(to_id); free(pktkey);
 cp
  return 0;
 }
@ -1046,3 +1047,15 @@ char (*request_name[]) = {
  "ADD_SUBNET", "DEL_SUBNET",
  "KEY_CHANGED", "REQ_KEY", "ANS_KEY",
 };
 /* Status strings */
 char (*status_text[]) = {
  "FIXME: status text",
 };
 /* Error strings */
 char (*error_text[]) = {
  "FIXME: error text",
 };
--- a/src/tincd.c
+++ b/src/tincd.c
@ -17,7 +17,7 @@
    along with this program; if not, write to the Free Software
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-    $Id: tincd.c,v 1.10.4.10 2000/10/11 22:01:02 guus Exp $
+    $Id: tincd.c,v 1.10.4.11 2000/10/14 17:04:16 guus Exp $
 */
 #include "config.h"
@ -63,8 +63,6 @@ static int kill_tincd = 0;
 /* If zero, don't detach from the terminal. */
 static int do_detach = 1;
 char *confbase = NULL;           /* directory in which all config files are */
 /* char *configfilename = NULL;     /* configuration file name, moved to config.c */
 char *identname;                 /* program name for syslog */
 char *netname = NULL;            /* name of the vpn network */
 char *pidfilename;               /* pid file location */
@ -98,7 +96,7 @@ usage(int status)
  else
    {
      printf(_("Usage: %s [option]...\n\n"), program_name);
-      printf(_("  -c, --config=FILE     Read configuration options from FILE.\n"
+      printf(_("  -c, --config=DIR      Read configuration options from DIR.\n"
 	       "  -D, --no-detach       Don't fork and detach.\n"
 	       "  -d                    Increase debug level.\n"
 	       "  -k, --kill            Attempt to kill a running tincd and exit.\n"
@ -125,8 +123,8 @@ parse_options(int argc, char **argv, char **envp)
        case 0: /* long option */
          break;
 	case 'c': /* config file */
-	  configfilename = xmalloc(strlen(optarg)+1);
+	  confbase = xmalloc(strlen(optarg)+1);
-	  strcpy(configfilename, optarg);
+	  strcpy(confbase, optarg);
 	  break;
 	case 'D': /* no detach */
 	  do_detach = 0;
@ -293,29 +291,23 @@ int kill_other(void)
 */
 void make_names(void)
 {
  if(!configfilename)
    {
      if(netname)
 	{
 	  asprintf(&configfilename, "%s/tinc/%s/tinc.conf", CONFDIR, netname);
 	}
      else
 	{
 	  asprintf(&configfilename, "%s/tinc/tinc.conf", CONFDIR);
 	}
    }
  if(netname)
    {
-      asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
+      if(!pidfilename)
-      asprintf(&confbase, "%s/tinc/%s/", CONFDIR, netname);
+        asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
-      asprintf(&identname, "tinc.%s", netname);
+      if(!confbase)
        asprintf(&confbase, "%s/tinc/%s", CONFDIR, netname);
      if(!identname)
        asprintf(&identname, "tinc.%s", netname);
    }
  else
    {
-      pidfilename = "/var/run/tinc.pid";
+      if(!pidfilename)
-      asprintf(&confbase, "%s/tinc/", CONFDIR);
+        pidfilename = "/var/run/tinc.pid";
-      identname = "tinc";
+      if(!confbase)
        asprintf(&confbase, "%s/tinc", CONFDIR);
      if(!identname)
        identname = "tinc";
    }
 }
@ -359,7 +351,7 @@ main(int argc, char **argv, char **envp)
  if(kill_tincd)
    exit(kill_other());
-  if(read_config_file(&config, configfilename))
+  if(read_server_config())
    return 1;
  setup_signals();
@ -367,9 +359,10 @@ main(int argc, char **argv, char **envp)
  if(detach())
    exit(0);
 /* FIXME: wt* is this suppose to do?
  if(security_init())
    return 1;
-
+*/
  for(;;)
    {
      setup_network_connections();
@ -448,7 +441,9 @@ sigusr2_handler(int a)
 {
  if(debug_lvl > 1)
    syslog(LOG_NOTICE, _("Got USR2 signal, forcing new key generation"));
 /* FIXME: reprogram this.
  regenerate_keys();
 */
 }
 RETSIGTYPE