- Added experimental hackish tunneling-over-TCP support.
Just use TCPonly = true in the configuration file.
parent
42455e97a0
commit
fdc6a2f106
6 changed files with 103 additions and 16 deletions
|
@ -19,7 +19,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: conf.c,v 1.9.4.6 2000/07/02 13:36:18 guus Exp $
|
||||
$Id: conf.c,v 1.9.4.7 2000/08/07 14:52:14 guus Exp $
|
||||
*/
|
||||
|
||||
|
||||
|
@ -71,6 +71,7 @@ static internal_config_t hazahaza[] = {
|
|||
{ "VpnMask", vpnmask, TYPE_IP },
|
||||
{ "Hostnames", resolve_dns, TYPE_BOOL },
|
||||
{ "IndirectData", indirectdata, TYPE_BOOL },
|
||||
{ "TCPonly", tcponly, TYPE_BOOL },
|
||||
{ NULL, 0, 0 }
|
||||
};
|
||||
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: conf.h,v 1.6.4.5 2000/06/30 11:45:14 guus Exp $
|
||||
$Id: conf.h,v 1.6.4.6 2000/08/07 14:52:14 guus Exp $
|
||||
*/
|
||||
|
||||
#ifndef __TINC_CONF_H__
|
||||
|
@ -49,6 +49,7 @@ typedef enum which_t {
|
|||
vpnmask,
|
||||
resolve_dns,
|
||||
indirectdata,
|
||||
tcponly,
|
||||
} which_t;
|
||||
|
||||
typedef struct config_t {
|
||||
|
|
17
src/net.c
17
src/net.c
|
@ -17,7 +17,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: net.c,v 1.35.4.20 2000/07/02 13:40:57 guus Exp $
|
||||
$Id: net.c,v 1.35.4.21 2000/08/07 14:52:15 guus Exp $
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
@ -107,16 +107,19 @@ cp
|
|||
syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
|
||||
ntohs(rp.len), cl->vpn_hostname, cl->real_hostname);
|
||||
|
||||
total_socket_out += r;
|
||||
|
||||
cl->want_ping = 1;
|
||||
|
||||
if((cl->flags | myself->flags) & TCPONLY)
|
||||
return send_tcppacket(cl, packet, ntohs(rp.len));
|
||||
|
||||
if((r = send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0)
|
||||
{
|
||||
syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
total_socket_out += r;
|
||||
|
||||
cl->want_ping = 1;
|
||||
cp
|
||||
return 0;
|
||||
}
|
||||
|
@ -606,6 +609,10 @@ cp
|
|||
if(cfg->data.val == stupid_true)
|
||||
myself->flags |= EXPORTINDIRECTDATA;
|
||||
|
||||
if(cfg = get_config_val(tcponly))
|
||||
if(cfg->data.val == stupid_true)
|
||||
myself->flags |= TCPONLY;
|
||||
|
||||
if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
|
||||
{
|
||||
syslog(LOG_ERR, _("Unable to set up a listening socket"));
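Review bot: In the TCPONLY branch of the send path, `send_tcppacket(cl, packet, ntohs(rp.len))` passes `packet`, while the UDP path right below sends `(char*)&rp` with the same length, so the two transports do not carry the same buffer. If `rp` is the processed (presumably encrypted) form of `packet`, the TCP path would put the unprocessed payload on the meta connection and read `ntohs(rp.len)` bytes from a buffer whose size may differ; the call looks like it should be `return send_tcppacket(cl, (void*)&rp, ntohs(rp.len));`. Separately, if the earlier copy of `total_socket_out += r;` is the one on the new side, `r` is read before `send()` assigns it. The enclosing function starts outside the hunk, so the declarations of `packet`, `rp` and `r` are not visible here and should be checked.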
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: net.h,v 1.9.4.6 2000/07/01 07:49:21 guus Exp $
|
||||
$Id: net.h,v 1.9.4.7 2000/08/07 14:52:15 guus Exp $
|
||||
*/
|
||||
|
||||
#ifndef __TINC_NET_H__
|
||||
|
@ -50,6 +50,7 @@
|
|||
/* flags */
|
||||
#define INDIRECTDATA 0x0001 /* Used to indicate that this host has to be reached indirect */
|
||||
#define EXPORTINDIRECTDATA 0x0002 /* Used to indicate uplink that it has to tell others to do INDIRECTDATA */
|
||||
#define TCPONLY 0x0004 /* Tells sender to send packets over TCP instead of UDP (for firewalls) */
|
||||
|
||||
typedef unsigned long ip_t;
|
||||
typedef short length_t;
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: protocol.c,v 1.28.4.19 2000/06/30 21:03:51 guus Exp $
|
||||
$Id: protocol.c,v 1.28.4.20 2000/08/07 14:52:15 guus Exp $
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
@ -120,6 +120,32 @@ cp
|
|||
return 0;
|
||||
}
|
||||
|
||||
/* Evil hack - TCP tunneling is bad */
|
||||
int send_tcppacket(conn_list_t *cl, void *data, int len)
|
||||
{
|
||||
cp
|
||||
if(debug_lvl > 1)
|
||||
syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
|
||||
buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
|
||||
|
||||
if((write(cl->meta_socket, buffer, buflen)) < 0)
|
||||
{
|
||||
syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if((write(cl->meta_socket, data, len)) < 0)
|
||||
{
|
||||
syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
|
||||
return -1;
|
||||
}
|
||||
|
||||
cp
|
||||
return 0;
|
||||
}
|
||||
|
||||
int send_ping(conn_list_t *cl)
|
||||
{
|
||||
cp
|
||||
|
@ -638,6 +664,50 @@ cp
|
|||
return 0;
|
||||
}
|
||||
|
||||
int tcppacket_h(conn_list_t *cl)
|
||||
{
|
||||
char packet[1600];
|
||||
int len;
|
||||
cp
|
||||
if(!cl->status.active)
|
||||
{
|
||||
syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if(sscanf(cl->buffer, "%*d %d", &len) != 1)
|
||||
{
|
||||
syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if(len>1600)
|
||||
{
|
||||
syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if(debug_lvl > 1)
|
||||
syslog(LOG_DEBUG, _("Got PACKET from %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
|
||||
/* Evil kludge comming up */
|
||||
if(read(cl->meta_socket,packet,len)!=len)
|
||||
{
|
||||
syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s)"),
|
||||
cl->vpn_hostname, cl->real_hostname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
xrecv(cl,packet);
|
||||
cp
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int ping_h(conn_list_t *cl)
|
||||
{
|
||||
cp
|
||||
|
@ -963,13 +1033,19 @@ int (*request_handlers[256])(conn_list_t*) = {
|
|||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0
|
||||
};
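Review bot: In tcppacket_h the length check `if(len>1600)` rejects only oversized values, so a zero or negative `len` parsed from the peer's request line by `sscanf` still reaches `read(cl->meta_socket,packet,len)`, where a negative int converts to a very large byte count against the 1600-byte stack array. The guard should bound both ends and take the limit from the array instead of a repeated literal: `if(len <= 0 || len > (int)sizeof(packet))`. The single `read()` also treats a short read as a failure, but a TCP stream may deliver the payload in pieces, so the body should be read in a loop until `len` bytes have arrived or an error occurs. send_tcppacket has the matching gap on the sending side: both `write()` calls check only for `< 0`, so a partial write would leave the peer's framing out of step.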
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
$Id: protocol.h,v 1.5.4.3 2000/06/29 17:09:08 guus Exp $
|
||||
$Id: protocol.h,v 1.5.4.4 2000/08/07 14:52:16 guus Exp $
|
||||
*/
|
||||
|
||||
#ifndef __TINC_PROTOCOL_H__
|
||||
|
@ -59,6 +59,7 @@ enum {
|
|||
CALCULATE = 100, /* calculate the following numer^privkey and send me the result */
|
||||
CALC_RES, /* result of the above */
|
||||
ALMOST_KEY, /* this number^privkey is the shared key */
|
||||
PACKET = 110, /* TCP tunneled network packet */
|
||||
REQ_KEY = 160, /* request public key */
|
||||
ANS_KEY, /* answer to such request */
|
||||
KEY_CHANGED, /* public key has changed */
|
||||
|
|