Merge local host configuration with server configuration.
With some exceptions, tinc only accepted host configuration options for the local node from the corresponding host configuration file. Although this is documented, many people expect that they can also put those options in tinc.conf. Tinc now internally merges the contents of both tinc.conf and the local host configuration file.
parent
8c3105283a
commit
ff71f28902
4 changed files with 27 additions and 24 deletions
|
@ -110,6 +110,13 @@ Note: it is not required that you put in the
|
||||||
sign, but doing so improves readability.
|
sign, but doing so improves readability.
|
||||||
If you leave it out, remember to replace it with at least one space character.
|
If you leave it out, remember to replace it with at least one space character.
|
||||||
|
|
||||||
|
.Pp
|
||||||
|
The server configuration is complemented with host specific configuration (see the next section).
|
||||||
|
Although all configuration options for the local host listed in this document can also be put in
|
||||||
|
.Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc.conf ,
|
||||||
|
it is recommended to put host specific configuration options in the host configuration file,
|
||||||
|
as this makes it easy to exchange with other nodes.
|
||||||
|
|
||||||
.Pp
|
.Pp
|
||||||
Here are all valid variables, listed in alphabetical order.
|
Here are all valid variables, listed in alphabetical order.
|
||||||
The default value is given between parentheses.
|
The default value is given between parentheses.
|
||||||
|
|
|
@ -725,6 +725,13 @@ and carriage returns are ignored. Note: it is not required that you put
|
||||||
in the `=' sign, but doing so improves readability. If you leave it
|
in the `=' sign, but doing so improves readability. If you leave it
|
||||||
out, remember to replace it with at least one space character.
|
out, remember to replace it with at least one space character.
|
||||||
|
|
||||||
|
The server configuration is complemented with host specific configuration (see
|
||||||
|
the next section). Although all host configuration options for the local node
|
||||||
|
listed in this document can also be put in
|
||||||
|
@file{@value{sysconfdir}/tinc/@var{netname}/tinc.conf}, it is recommended to
|
||||||
|
put host specific configuration options in the host configuration file, as this
|
||||||
|
makes it easy to exchange with other nodes.
|
||||||
|
|
||||||
In this section all valid variables are listed in alphabetical order.
|
In this section all valid variables are listed in alphabetical order.
|
||||||
The default value is given between parentheses,
|
The default value is given between parentheses,
|
||||||
other comments are between square brackets.
|
other comments are between square brackets.
|
||||||
|
|
|
@ -149,7 +149,7 @@ bool read_rsa_private_key(void) {
|
||||||
struct stat s;
|
struct stat s;
|
||||||
|
|
||||||
if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
|
if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
|
||||||
if(!get_config_string(lookup_config(myself->connection->config_tree, "PublicKey"), &pubkey)) {
|
if(!get_config_string(lookup_config(config_tree, "PublicKey"), &pubkey)) {
|
||||||
logger(LOG_ERR, "PrivateKey used but no PublicKey found!");
|
logger(LOG_ERR, "PrivateKey used but no PublicKey found!");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -270,6 +270,7 @@ bool setup_myself(void) {
|
||||||
config_t *cfg;
|
config_t *cfg;
|
||||||
subnet_t *subnet;
|
subnet_t *subnet;
|
||||||
char *name, *hostname, *mode, *afname, *cipher, *digest;
|
char *name, *hostname, *mode, *afname, *cipher, *digest;
|
||||||
|
char *fname = NULL;
|
||||||
char *address = NULL;
|
char *address = NULL;
|
||||||
char *envp[5];
|
char *envp[5];
|
||||||
struct addrinfo *ai, *aip, hint = {0};
|
struct addrinfo *ai, *aip, hint = {0};
|
||||||
|
@ -278,7 +279,6 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
myself = new_node();
|
myself = new_node();
|
||||||
myself->connection = new_connection();
|
myself->connection = new_connection();
|
||||||
init_configuration(&myself->connection->config_tree);
|
|
||||||
|
|
||||||
myself->hostname = xstrdup("MYSELF");
|
myself->hostname = xstrdup("MYSELF");
|
||||||
myself->connection->hostname = xstrdup("MYSELF");
|
myself->connection->hostname = xstrdup("MYSELF");
|
||||||
|
@ -299,17 +299,14 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
myself->name = name;
|
myself->name = name;
|
||||||
myself->connection->name = xstrdup(name);
|
myself->connection->name = xstrdup(name);
|
||||||
|
xasprintf(&fname, "%s/hosts/%s", confbase, name);
|
||||||
if(!read_connection_config(myself->connection)) {
|
read_config_file(config_tree, fname);
|
||||||
logger(LOG_ERR, "Cannot open host configuration file for myself!");
|
free(fname);
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!read_rsa_private_key())
|
if(!read_rsa_private_key())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(!get_config_string(lookup_config(config_tree, "Port"), &myport)
|
if(!get_config_string(lookup_config(config_tree, "Port"), &myport))
|
||||||
&& !get_config_string(lookup_config(myself->connection->config_tree, "Port"), &myport))
|
|
||||||
myport = xstrdup("655");
|
myport = xstrdup("655");
|
||||||
|
|
||||||
if(!atoi(myport)) {
|
if(!atoi(myport)) {
|
||||||
|
@ -324,7 +321,7 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
/* Read in all the subnets specified in the host configuration file */
|
/* Read in all the subnets specified in the host configuration file */
|
||||||
|
|
||||||
cfg = lookup_config(myself->connection->config_tree, "Subnet");
|
cfg = lookup_config(config_tree, "Subnet");
|
||||||
|
|
||||||
while(cfg) {
|
while(cfg) {
|
||||||
if(!get_config_subnet(cfg, &subnet))
|
if(!get_config_subnet(cfg, &subnet))
|
||||||
|
@ -332,7 +329,7 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
subnet_add(myself, subnet);
|
subnet_add(myself, subnet);
|
||||||
|
|
||||||
cfg = lookup_config_next(myself->connection->config_tree, cfg);
|
cfg = lookup_config_next(config_tree, cfg);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Check some options */
|
/* Check some options */
|
||||||
|
@ -343,12 +340,6 @@ bool setup_myself(void) {
|
||||||
if(get_config_bool(lookup_config(config_tree, "TCPOnly"), &choice) && choice)
|
if(get_config_bool(lookup_config(config_tree, "TCPOnly"), &choice) && choice)
|
||||||
myself->options |= OPTION_TCPONLY;
|
myself->options |= OPTION_TCPONLY;
|
||||||
|
|
||||||
if(get_config_bool(lookup_config(myself->connection->config_tree, "IndirectData"), &choice) && choice)
|
|
||||||
myself->options |= OPTION_INDIRECT;
|
|
||||||
|
|
||||||
if(get_config_bool(lookup_config(myself->connection->config_tree, "TCPOnly"), &choice) && choice)
|
|
||||||
myself->options |= OPTION_TCPONLY;
|
|
||||||
|
|
||||||
if(myself->options & OPTION_TCPONLY)
|
if(myself->options & OPTION_TCPONLY)
|
||||||
myself->options |= OPTION_INDIRECT;
|
myself->options |= OPTION_INDIRECT;
|
||||||
|
|
||||||
|
@ -386,14 +377,12 @@ bool setup_myself(void) {
|
||||||
}
|
}
|
||||||
|
|
||||||
choice = true;
|
choice = true;
|
||||||
get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice);
|
|
||||||
get_config_bool(lookup_config(config_tree, "PMTUDiscovery"), &choice);
|
get_config_bool(lookup_config(config_tree, "PMTUDiscovery"), &choice);
|
||||||
if(choice)
|
if(choice)
|
||||||
myself->options |= OPTION_PMTU_DISCOVERY;
|
myself->options |= OPTION_PMTU_DISCOVERY;
|
||||||
|
|
||||||
choice = true;
|
choice = true;
|
||||||
get_config_bool(lookup_config(config_tree, "ClampMSS"), &choice);
|
get_config_bool(lookup_config(config_tree, "ClampMSS"), &choice);
|
||||||
get_config_bool(lookup_config(myself->connection->config_tree, "ClampMSS"), &choice);
|
|
||||||
if(choice)
|
if(choice)
|
||||||
myself->options |= OPTION_CLAMP_MSS;
|
myself->options |= OPTION_CLAMP_MSS;
|
||||||
|
|
||||||
|
@ -434,7 +423,7 @@ bool setup_myself(void) {
|
||||||
/* Generate packet encryption key */
|
/* Generate packet encryption key */
|
||||||
|
|
||||||
if(get_config_string
|
if(get_config_string
|
||||||
(lookup_config(myself->connection->config_tree, "Cipher"), &cipher)) {
|
(lookup_config(config_tree, "Cipher"), &cipher)) {
|
||||||
if(!strcasecmp(cipher, "none")) {
|
if(!strcasecmp(cipher, "none")) {
|
||||||
myself->incipher = NULL;
|
myself->incipher = NULL;
|
||||||
} else {
|
} else {
|
||||||
|
@ -462,7 +451,7 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
/* Check if we want to use message authentication codes... */
|
/* Check if we want to use message authentication codes... */
|
||||||
|
|
||||||
if(get_config_string(lookup_config(myself->connection->config_tree, "Digest"), &digest)) {
|
if(get_config_string(lookup_config(config_tree, "Digest"), &digest)) {
|
||||||
if(!strcasecmp(digest, "none")) {
|
if(!strcasecmp(digest, "none")) {
|
||||||
myself->indigest = NULL;
|
myself->indigest = NULL;
|
||||||
} else {
|
} else {
|
||||||
|
@ -478,7 +467,7 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
myself->connection->outdigest = EVP_sha1();
|
myself->connection->outdigest = EVP_sha1();
|
||||||
|
|
||||||
if(get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength)) {
|
if(get_config_int(lookup_config(config_tree, "MACLength"), &myself->inmaclength)) {
|
||||||
if(myself->indigest) {
|
if(myself->indigest) {
|
||||||
if(myself->inmaclength > myself->indigest->md_size) {
|
if(myself->inmaclength > myself->indigest->md_size) {
|
||||||
logger(LOG_ERR, "MAC length exceeds size of digest!");
|
logger(LOG_ERR, "MAC length exceeds size of digest!");
|
||||||
|
@ -495,7 +484,7 @@ bool setup_myself(void) {
|
||||||
|
|
||||||
/* Compression */
|
/* Compression */
|
||||||
|
|
||||||
if(get_config_int(lookup_config(myself->connection->config_tree, "Compression"), &myself->incompression)) {
|
if(get_config_int(lookup_config(config_tree, "Compression"), &myself->incompression)) {
|
||||||
if(myself->incompression < 0 || myself->incompression > 11) {
|
if(myself->incompression < 0 || myself->incompression > 11) {
|
||||||
logger(LOG_ERR, "Bogus compression level!");
|
logger(LOG_ERR, "Bogus compression level!");
|
||||||
return false;
|
return false;
|
||||||
|
|
|
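Review bot: The result of `read_config_file(config_tree, fname)` in the -299,17 hunk of `setup_myself()` is discarded, so a missing, unreadable or unparsable `hosts/NAME` file no longer stops startup the way the removed `read_connection_config()` check and its "Cannot open host configuration file for myself!" error did. The daemon would then continue with whatever tinc.conf supplied and defaults for Subnet, Cipher, Digest, MACLength and Compression, which is easy to miss on a misconfigured node. If tolerating an absent host file is intended, the return value should still be checked (its convention is not visible here) and `fname` logged on failure before `free(fname)`. Separately, because the host file is now merged into `config_tree`, the `PrivateKey` lookup in `read_rsa_private_key()` would presumably also honour a key placed in the file the documentation describes as exchanged with other nodes; a warning there would help. `setup_myself()` starts and ends outside these hunks, so any validation of `name` before it is used in the path cannot be confirmed from this page.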
@ -539,7 +539,7 @@ bool ack_h(connection_t *c) {
|
||||||
if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu)
|
if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu)
|
||||||
n->mtu = mtu;
|
n->mtu = mtu;
|
||||||
|
|
||||||
if(get_config_int(lookup_config(myself->connection->config_tree, "PMTU"), &mtu) && mtu < n->mtu)
|
if(get_config_int(lookup_config(config_tree, "PMTU"), &mtu) && mtu < n->mtu)
|
||||||
n->mtu = mtu;
|
n->mtu = mtu;
|
||||||
|
|
||||||
if(get_config_bool(lookup_config(c->config_tree, "ClampMSS"), &choice)) {
|
if(get_config_bool(lookup_config(c->config_tree, "ClampMSS"), &choice)) {
|
||||||
|
|
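Review bot: The merged `PMTU` lookup in `ack_h()` only enforces an upper bound (`mtu < n->mtu`), so a zero or negative value would be copied into `n->mtu`, assuming `mtu` is a signed int as the `get_config_int()` call suggests. Since the option can now come from either tinc.conf or the local host file, a lower bound such as `... && mtu > 0 && mtu < n->mtu` (or the project's minimum MTU, if one is defined) would make a typo fail safe. The per-connection lookup on `c->config_tree` just above has the same shape; `ack_h()` starts and ends outside the hunk, so later clamping of `n->mtu` cannot be ruled out from here.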