Use the TCP socket infrastructure for control sockets.
The control socket code was completely different from how meta connections are handled, resulting in lots of extra code to handle requests. Also, not every operating system has UNIX sockets, so we have to resort to another type of sockets or pipes for those anyway. To reduce code duplication and make control sockets work the same on all platforms, we now just connect to the TCP port where tincd is already listening on. To authenticate, the program that wants to control a running tinc daemon must send the contents of a cookie file. The cookie is a random 256 bits number that is regenerated every time tincd starts. The cookie file should only be readable by the same user that can start a tincd. Instead of the binary-ish protocol previously used, we now use an ASCII protocol similar to that of the meta connections, but this can still change.
This commit is contained in:
Guus Sliepen
parent
c388527e34
commit
edebf579f2
18 changed files with 294 additions and 552 deletions
|
|
@ -38,7 +38,7 @@ static bool (*request_handlers[])(connection_t *, char *) = {
|
|||
ping_h, pong_h,
|
||||
add_subnet_h, del_subnet_h,
|
||||
add_edge_h, del_edge_h,
|
||||
key_changed_h, req_key_h, ans_key_h, tcppacket_h,
|
||||
key_changed_h, req_key_h, ans_key_h, tcppacket_h, control_h,
|
||||
};
|
||||
|
||||
/* Request names */
|
||||
|
|
@ -48,7 +48,7 @@ static char (*request_name[]) = {
|
|||
"STATUS", "ERROR", "TERMREQ",
|
||||
"PING", "PONG",
|
||||
"ADD_SUBNET", "DEL_SUBNET",
|
||||
"ADD_EDGE", "DEL_EDGE", "KEY_CHANGED", "REQ_KEY", "ANS_KEY", "PACKET",
|
||||
"ADD_EDGE", "DEL_EDGE", "KEY_CHANGED", "REQ_KEY", "ANS_KEY", "PACKET", "CONTROL",
|
||||
};
|
||||
|
||||
static splay_tree_t *past_request_tree;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue