lagertonne/tinc
1
0
Fork 0
Code Issues Pull requests Projects Releases 6 Wiki Activity

Import Upstream version 1.0.5

Browse source
This commit is contained in:
Guus Sliepen 2019-08-26 13:44:37 +02:00
parent 392ff555ea
commit a18165833b
90 changed files with 7610 additions and 5088 deletions
Download patch file Download diff file Expand all files Collapse all files

30
src/Makefile.in
View file

@ -1,4 +1,4 @@
# Makefile.in generated by automake 1.9.5 from Makefile.am.
# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@ -17,8 +17,6 @@
# $Id: Makefile.am,v 1.4.4.33 2003/08/02 15:13:08 guus Exp $
SOURCES = $(tincd_SOURCES) $(nodist_tincd_SOURCES)
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
@ -48,13 +46,14 @@ DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/aclocal-include.m4 \
$(top_srcdir)/m4/attribute.m4 $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/lzo.m4 $(top_srcdir)/m4/malloc.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/openssl.m4 \
$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
$(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/tuntap.m4 \
$(top_srcdir)/m4/zlib.m4 $(top_srcdir)/configure.in
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/isc-posix.m4 \
$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/lzo.m4 \
$(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/nls.m4 \
$(top_srcdir)/m4/openssl.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/realloc.m4 \
$(top_srcdir)/m4/tuntap.m4 $(top_srcdir)/m4/zlib.m4 \
$(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
@ -110,6 +109,7 @@ ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
GMSGFMT = @GMSGFMT@
GREP = @GREP@
HAVE_TUNTAP = @HAVE_TUNTAP@
INCLUDES = @INCLUDES@ -I$(top_builddir) -I$(top_srcdir)/lib
INSTALL_DATA = @INSTALL_DATA@
@ -151,8 +151,6 @@ USE_NLS = @USE_NLS@
VERSION = @VERSION@
XGETTEXT = @XGETTEXT@
ac_ct_CC = @ac_ct_CC@
ac_ct_RANLIB = @ac_ct_RANLIB@
ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__include = @am__include@
@ -167,23 +165,30 @@ build_cpu = @build_cpu@
build_os = @build_os@
build_vendor = @build_vendor@
datadir = @datadir@
datarootdir = @datarootdir@
docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
host = @host@
host_alias = @host_alias@
host_cpu = @host_cpu@
host_os = @host_os@
host_vendor = @host_vendor@
htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
localedir = $(datadir)/locale
localstatedir = @localstatedir@
mandir = @mandir@
mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
@ -201,7 +206,6 @@ noinst_HEADERS = conf.h connection.h device.h edge.h event.h graph.h logger.h me
tincd_LDADD = \
$(top_builddir)/lib/libvpn.a
localedir = $(datadir)/locale
AM_CFLAGS = @CFLAGS@ -DCONFDIR=\"$(sysconfdir)\" -DLOCALEDIR=\"$(localedir)\" -DLOCALSTATEDIR=\"$(localstatedir)\"
all: all-am

4
src/bsd/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction BSD tun/tap device
Copyright (C) 2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2001-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2001-2005 Ivo Timmermans,
2001-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by

11
src/conf.c
View file

@ -1,9 +1,9 @@
/*
conf.c -- configuration code
Copyright (C) 1998 Robert van der Meulen
1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
2000 Cris van Pelt <tribbel@arise.dhs.org>
1998-2005 Ivo Timmermans
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
2000 Cris van Pelt
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -19,7 +19,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: conf.c 1439 2005-05-04 18:09:30Z guus $
$Id: conf.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"
@ -33,7 +33,8 @@
avl_tree_t *config_tree;
int pingtimeout = 0; /* seconds before timeout */
int pinginterval = 0; /* seconds between pings */
int pingtimeout = 0; /* seconds to wait for response */
char *confbase = NULL; /* directory in which all config files are */
char *netname = NULL; /* name of the vpn network */

7
src/conf.h
View file

@ -1,7 +1,7 @@
/*
conf.h -- header for conf.c
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: conf.h 1439 2005-05-04 18:09:30Z guus $
$Id: conf.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_CONF_H__
@ -36,6 +36,7 @@ typedef struct config_t {
extern avl_tree_t *config_tree;
extern int pinginterval;
extern int pingtimeout;
extern int maxtimeout;
extern bool bypass_security;

11
src/connection.c
View file

@ -1,7 +1,7 @@
/*
connection.c -- connection list management
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.c 1439 2005-05-04 18:09:30Z guus $
$Id: connection.c 1456 2006-08-08 13:21:08Z guus $
*/
#include "system.h"
@ -121,8 +121,9 @@ void dump_connections(void)
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
logger(LOG_DEBUG, _(" %s at %s options %lx socket %d status %04x"),
c->name, c->hostname, c->options, c->socket, *(uint32_t *)&c->status);
logger(LOG_DEBUG, _(" %s at %s options %lx socket %d status %04x outbuf %d/%d/%d"),
c->name, c->hostname, c->options, c->socket, c->status.value,
c->outbufsize, c->outbufstart, c->outbuflen);
}
logger(LOG_DEBUG, _("End of connections."));

41
src/connection.h
View file

@ -1,7 +1,7 @@
/*
connection.h -- header for connection.c
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: connection.h 1439 2005-05-04 18:09:30Z guus $
$Id: connection.h 1456 2006-08-08 13:21:08Z guus $
*/
#ifndef __TINC_CONNECTION_H__
@ -32,17 +32,20 @@
#define OPTION_TCPONLY 0x0002
#define OPTION_PMTU_DISCOVERY 0x0004
typedef struct connection_status_t {
int pinged:1; /* sent ping */
int active:1; /* 1 if active.. */
int connecting:1; /* 1 if we are waiting for a non-blocking connect() to finish */
int termreq:1; /* the termination of this connection was requested */
int remove:1; /* Set to 1 if you want this connection removed */
int timeout:1; /* 1 if gotten timeout */
int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int mst:1; /* 1 if this connection is part of a minimum spanning tree */
int unused:23;
typedef union connection_status_t {
struct {
int pinged:1; /* sent ping */
int active:1; /* 1 if active.. */
int connecting:1; /* 1 if we are waiting for a non-blocking connect() to finish */
int termreq:1; /* the termination of this connection was requested */
int remove:1; /* Set to 1 if you want this connection removed */
int timeout:1; /* 1 if gotten timeout */
int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int mst:1; /* 1 if this connection is part of a minimum spanning tree */
int unused:23;
};
uint32_t value;
} connection_status_t;
#include "edge.h"
@ -59,7 +62,7 @@ typedef struct connection_t {
int socket; /* socket used for this connection */
long int options; /* options for this connection */
struct connection_status_t status; /* status info */
connection_status_t status; /* status info */
int estimated_weight; /* estimation for the weight of the edge for this connection */
struct timeval start; /* time this connection was started, used for above estimation */
struct outgoing_t *outgoing; /* used to keep track of outgoing connections */
@ -91,7 +94,13 @@ typedef struct connection_t {
int tcplen; /* length of incoming TCPpacket */
int allow_request; /* defined if there's only one request possible */
time_t last_ping_time; /* last time we saw some activity from the other end */
char *outbuf; /* metadata output buffer */
int outbufstart; /* index of first meaningful byte in output buffer */
int outbuflen; /* number of meaningful bytes in output buffer */
int outbufsize; /* number of bytes allocated to output buffer */
time_t last_ping_time; /* last time we saw some activity from the other end or pinged them */
time_t last_flushed_time; /* last time buffer was empty. Only meaningful if outbuflen > 0 */
avl_tree_t *config_tree; /* Pointer to configuration tree belonging to him */
} connection_t;

6
src/cygwin/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction with Windows tap driver in a Cygwin environment
Copyright (C) 2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2002-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2002-2005 Ivo Timmermans,
2002-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.c 1439 2005-05-04 18:09:30Z guus $
$Id: device.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

4
src/device.h
View file

@ -1,7 +1,7 @@
/*
net.h -- generic header for device.c
Copyright (C) 2001-2005 Ivo Timmermans <zarq@iname.com>
2001-2005 Guus Sliepen <guus@tinc-vpn.org>
2001-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.h 1439 2005-05-04 18:09:30Z guus $
$Id: device.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_DEVICE_H__

6
src/edge.c
View file

@ -1,7 +1,7 @@
/*
edge.c -- edge tree management
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: edge.c 1439 2005-05-04 18:09:30Z guus $
$Id: edge.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

6
src/edge.h
View file

@ -1,7 +1,7 @@
/*
edge.h -- header for edge.c
Copyright (C) 2001-2005 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: edge.h 1439 2005-05-04 18:09:30Z guus $
$Id: edge.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_EDGE_H__

8
src/event.c
View file

@ -1,7 +1,7 @@
/*
event.c -- event queue
Copyright (C) 2002-2005 Guus Sliepen <guus@tinc-vpn.org>,
2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2002-2006 Guus Sliepen <guus@tinc-vpn.org>,
2002-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: event.c 1439 2005-05-04 18:09:30Z guus $
$Id: event.c 1469 2006-11-11 22:44:15Z guus $
*/
#include "system.h"
@ -96,7 +96,7 @@ event_t *get_expired_event(void)
event = event_tree->head->data;
if(event->time < now) {
avl_delete(event_tree, event);
event_del(event);
return event;
}
}

6
src/event.h
View file

@ -1,7 +1,7 @@
/*
event.h -- header for event.c
Copyright (C) 2002-2005 Guus Sliepen <guus@tinc-vpn.org>,
2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2002-2006 Guus Sliepen <guus@tinc-vpn.org>,
2002-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: event.h 1439 2005-05-04 18:09:30Z guus $
$Id: event.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_EVENT_H__

73
src/graph.c
View file

@ -1,7 +1,7 @@
/*
graph.c -- graph algorithms
Copyright (C) 2001-2005 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: graph.c 1439 2005-05-04 18:09:30Z guus $
$Id: graph.c 1464 2006-11-11 14:37:03Z guus $
*/
/* We need to generate two trees from the graph:
@ -47,6 +47,7 @@
#include "system.h"
#include "avl_tree.h"
#include "config.h"
#include "connection.h"
#include "device.h"
#include "edge.h"
@ -57,6 +58,8 @@
#include "subnet.h"
#include "utils.h"
static bool graph_changed = true;
/* Implementation of Kruskal's algorithm.
Running time: O(EN)
Please note that sorting on weight is already done by add_edge().
@ -283,6 +286,8 @@ void sssp_bfs(void)
asprintf(&envp[5], "REMOTEPORT=%s", port);
envp[6] = NULL;
execute_script(n->status.reachable ? "host-up" : "host-down", envp);
asprintf(&name,
n->status.reachable ? "hosts/%s-up" : "hosts/%s-down",
n->name);
@ -304,4 +309,66 @@ void graph(void)
{
mst_kruskal();
sssp_bfs();
graph_changed = true;
}
/* Dump nodes and edges to a graphviz file.
The file can be converted to an image with
dot -Tpng graph_filename -o image_filename.png -Gconcentrate=true
*/
void dump_graph(void)
{
avl_node_t *node;
node_t *n;
edge_t *e;
char *filename = NULL, *tmpname = NULL;
FILE *file;
if(!graph_changed || !get_config_string(lookup_config(config_tree, "GraphDumpFile"), &filename))
return;
graph_changed = false;
ifdebug(PROTOCOL) logger(LOG_NOTICE, "Dumping graph");
if(filename[0] == '|') {
file = popen(filename + 1, "w");
} else {
asprintf(&tmpname, "%s.new", filename);
file = fopen(tmpname, "w");
}
if(!file) {
logger(LOG_ERR, "Unable to open graph dump file %s: %s", filename, strerror(errno));
free(tmpname);
return;
}
fprintf(file, "digraph {\n");
/* dump all nodes first */
for(node = node_tree->head; node; node = node->next) {
n = node->data;
fprintf(file, " %s [label = \"%s\"];\n", n->name, n->name);
}
/* now dump all edges */
for(node = edge_weight_tree->head; node; node = node->next) {
e = node->data;
fprintf(file, " %s -> %s;\n", e->from->name, e->to->name);
}
fprintf(file, "}\n");
if(filename[0] == '|') {
pclose(file);
} else {
fclose(file);
rename(tmpname, filename);
free(tmpname);
}
}

7
src/graph.h
View file

@ -1,7 +1,7 @@
/*
graph.h -- header for graph.c
Copyright (C) 2001-2005 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: graph.h 1439 2005-05-04 18:09:30Z guus $
$Id: graph.h 1463 2006-11-11 14:11:16Z guus $
*/
#ifndef __TINC_GRAPH_H__
@ -26,5 +26,6 @@
extern void graph(void);
extern void mst_kruskal(void);
extern void sssp_bfs(void);
extern void dump_graph(void);
#endif /* __TINC_GRAPH_H__ */

6
src/linux/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction with Linux ethertap and tun/tap device
Copyright (C) 2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2001-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2001-2005 Ivo Timmermans,
2001-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.c 1439 2005-05-04 18:09:30Z guus $
$Id: device.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

6
src/logger.c
View file

@ -1,7 +1,7 @@
/*
logger.c -- logging code
Copyright (C) 2004-2005 Guus Sliepen <guus@tinc-vpn.org>
2004-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2004-2006 Guus Sliepen <guus@tinc-vpn.org>
2004-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: logger.c 1439 2005-05-04 18:09:30Z guus $
$Id: logger.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

79
src/meta.c
View file

@ -1,7 +1,7 @@
/*
meta.c -- handle the meta communication
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: meta.c 1439 2005-05-04 18:09:30Z guus $
$Id: meta.c 1471 2006-11-14 12:28:04Z guus $
*/
#include "system.h"
@ -32,12 +32,11 @@
#include "net.h"
#include "protocol.h"
#include "utils.h"
#include "xalloc.h"
bool send_meta(connection_t *c, const char *buffer, int length)
{
const char *bufp;
int outlen;
char outbuf[MAXBUFSIZE];
int result;
cp();
@ -45,35 +44,75 @@ bool send_meta(connection_t *c, const char *buffer, int length)
ifdebug(META) logger(LOG_DEBUG, _("Sending %d bytes of metadata to %s (%s)"), length,
c->name, c->hostname);
if(!c->outbuflen)
c->last_flushed_time = now;
/* Find room in connection's buffer */
if(length + c->outbuflen > c->outbufsize) {
c->outbufsize = length + c->outbuflen;
c->outbuf = xrealloc(c->outbuf, c->outbufsize);
}
if(length + c->outbuflen + c->outbufstart > c->outbufsize) {
memmove(c->outbuf, c->outbuf + c->outbufstart, c->outbuflen);
c->outbufstart = 0;
}
/* Add our data to buffer */
if(c->status.encryptout) {
result = EVP_EncryptUpdate(c->outctx, outbuf, &outlen, buffer, length);
if(!result || outlen != length) {
result = EVP_EncryptUpdate(c->outctx, (unsigned char *)c->outbuf + c->outbufstart + c->outbuflen,
&outlen, (unsigned char *)buffer, length);
if(!result || outlen < length) {
logger(LOG_ERR, _("Error while encrypting metadata to %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
} else if(outlen > length) {
logger(LOG_EMERG, _("Encrypted data too long! Heap corrupted!"));
abort();
}
bufp = outbuf;
length = outlen;
} else
bufp = buffer;
c->outbuflen += outlen;
} else {
memcpy(c->outbuf + c->outbufstart + c->outbuflen, buffer, length);
c->outbuflen += length;
}
while(length) {
result = send(c->socket, bufp, length, 0);
return true;
}
bool flush_meta(connection_t *c)
{
int result;
ifdebug(META) logger(LOG_DEBUG, _("Flushing %d bytes to %s (%s)"),
c->outbuflen, c->name, c->hostname);
while(c->outbuflen) {
result = send(c->socket, c->outbuf + c->outbufstart, c->outbuflen, 0);
if(result <= 0) {
if(!errno || errno == EPIPE) {
ifdebug(CONNECTIONS) logger(LOG_NOTICE, _("Connection closed by %s (%s)"),
c->name, c->hostname);
} else if(errno == EINTR)
} else if(errno == EINTR) {
continue;
else
logger(LOG_ERR, _("Sending meta data to %s (%s) failed: %s"), c->name,
#ifdef EWOULDBLOCK
} else if(errno == EWOULDBLOCK) {
ifdebug(CONNECTIONS) logger(LOG_DEBUG, _("Flushing %d bytes to %s (%s) would block"),
c->outbuflen, c->name, c->hostname);
return true;
#endif
} else {
logger(LOG_ERR, _("Flushing meta data to %s (%s) failed: %s"), c->name,
c->hostname, strerror(errno));
}
return false;
}
bufp += result;
length -= result;
c->outbufstart += result;
c->outbuflen -= result;
}
c->outbufstart = 0; /* avoid unnecessary memmoves */
return true;
}
@ -132,7 +171,7 @@ bool receive_meta(connection_t *c)
/* Decrypt */
if(c->status.decryptin && !decrypted) {
result = EVP_DecryptUpdate(c->inctx, inbuf, &lenout, c->buffer + oldlen, lenin);
result = EVP_DecryptUpdate(c->inctx, (unsigned char *)inbuf, &lenout, (unsigned char *)c->buffer + oldlen, lenin);
if(!result || lenout != lenin) {
logger(LOG_ERR, _("Error while decrypting metadata from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));

7
src/meta.h
View file

@ -1,7 +1,7 @@
/*
meta.h -- header for meta.c
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: meta.h 1439 2005-05-04 18:09:30Z guus $
$Id: meta.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_META_H__
@ -27,6 +27,7 @@
extern bool send_meta(struct connection_t *, const char *, int);
extern void broadcast_meta(struct connection_t *, const char *, int);
extern bool flush_meta(struct connection_t *);
extern bool receive_meta(struct connection_t *);
#endif /* __TINC_META_H__ */

6
src/mingw/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction with Windows tap driver in a MinGW environment
Copyright (C) 2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2002-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2002-2005 Ivo Timmermans,
2002-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.c 1439 2005-05-04 18:09:30Z guus $
$Id: device.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

91
src/net.c
View file

@ -1,7 +1,7 @@
/*
net.c -- most of the network code
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.c 1439 2005-05-04 18:09:30Z guus $
$Id: net.c 1469 2006-11-11 22:44:15Z guus $
*/
#include "system.h"
@ -112,7 +112,7 @@ static void purge(void)
put all file descriptors in an fd_set array
While we're at it, purge stuff that needs to be removed.
*/
static int build_fdset(fd_set * fs)
static int build_fdset(fd_set *readset, fd_set *writeset)
{
avl_node_t *node, *next;
connection_t *c;
@ -120,7 +120,8 @@ static int build_fdset(fd_set * fs)
cp();
FD_ZERO(fs);
FD_ZERO(readset);
FD_ZERO(writeset);
for(node = connection_tree->head; node; node = next) {
next = node->next;
@ -131,22 +132,24 @@ static int build_fdset(fd_set * fs)
if(!connection_tree->head)
purge();
} else {
FD_SET(c->socket, fs);
FD_SET(c->socket, readset);
if(c->outbuflen > 0)
FD_SET(c->socket, writeset);
if(c->socket > max)
max = c->socket;
}
}
for(i = 0; i < listen_sockets; i++) {
FD_SET(listen_socket[i].tcp, fs);
FD_SET(listen_socket[i].tcp, readset);
if(listen_socket[i].tcp > max)
max = listen_socket[i].tcp;
FD_SET(listen_socket[i].udp, fs);
FD_SET(listen_socket[i].udp, readset);
if(listen_socket[i].udp > max)
max = listen_socket[i].udp;
}
FD_SET(device_fd, fs);
FD_SET(device_fd, readset);
if(device_fd > max)
max = device_fd;
@ -208,6 +211,12 @@ void terminate_connection(connection_t *c, bool report)
retry_outgoing(c->outgoing);
c->outgoing = NULL;
}
free(c->outbuf);
c->outbuf = NULL;
c->outbuflen = 0;
c->outbufsize = 0;
c->outbufstart = 0;
}
/*
@ -232,17 +241,17 @@ static void check_dead_connections(void)
if(c->last_ping_time + pingtimeout < now) {
if(c->status.active) {
if(c->status.pinged) {
ifdebug(CONNECTIONS) logger(LOG_INFO, _("%s (%s) didn't respond to PING"),
c->name, c->hostname);
ifdebug(CONNECTIONS) logger(LOG_INFO, _("%s (%s) didn't respond to PING in %ld seconds"),
c->name, c->hostname, now - c->last_ping_time);
c->status.timeout = true;
terminate_connection(c, true);
} else {
} else if(c->last_ping_time + pinginterval < now) {
send_ping(c);
}
} else {
if(c->status.remove) {
logger(LOG_WARNING, _("Old connection_t for %s (%s) status %04x still lingering, deleting..."),
c->name, c->hostname, *(uint32_t *)&c->status);
c->name, c->hostname, c->status.value);
connection_del(c);
continue;
}
@ -257,6 +266,16 @@ static void check_dead_connections(void)
}
}
}
if(c->outbuflen > 0 && c->last_flushed_time + pingtimeout < now) {
if(c->status.active) {
ifdebug(CONNECTIONS) logger(LOG_INFO,
_("%s (%s) could not flush for %ld seconds (%d bytes remaining)"),
c->name, c->hostname, now - c->last_flushed_time, c->outbuflen);
c->status.timeout = true;
terminate_connection(c, true);
}
}
}
}
@ -264,28 +283,30 @@ static void check_dead_connections(void)
check all connections to see if anything
happened on their sockets
*/
static void check_network_activity(fd_set * f)
static void check_network_activity(fd_set * readset, fd_set * writeset)
{
connection_t *c;
avl_node_t *node;
int result, i;
int len = sizeof(result);
socklen_t len = sizeof(result);
vpn_packet_t packet;
cp();
if(FD_ISSET(device_fd, f)) {
/* check input from kernel */
if(FD_ISSET(device_fd, readset)) {
if(read_packet(&packet))
route(myself, &packet);
}
/* check meta connections */
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
if(c->status.remove)
continue;
if(FD_ISSET(c->socket, f)) {
if(FD_ISSET(c->socket, readset)) {
if(c->status.connecting) {
c->status.connecting = false;
getsockopt(c->socket, SOL_SOCKET, SO_ERROR, &result, &len);
@ -307,13 +328,20 @@ static void check_network_activity(fd_set * f)
continue;
}
}
if(FD_ISSET(c->socket, writeset)) {
if(!flush_meta(c)) {
terminate_connection(c, c->status.active);
continue;
}
}
}
for(i = 0; i < listen_sockets; i++) {
if(FD_ISSET(listen_socket[i].udp, f))
if(FD_ISSET(listen_socket[i].udp, readset))
handle_incoming_vpn_data(listen_socket[i].udp);
if(FD_ISSET(listen_socket[i].tcp, f))
if(FD_ISSET(listen_socket[i].tcp, readset))
handle_new_meta_connection(listen_socket[i].tcp);
}
}
@ -323,16 +351,18 @@ static void check_network_activity(fd_set * f)
*/
int main_loop(void)
{
fd_set fset;
fd_set readset, writeset;
struct timeval tv;
int r, maxfd;
time_t last_ping_check, last_config_check;
time_t last_ping_check, last_config_check, last_graph_dump;
event_t *event;
cp();
last_ping_check = now;
last_config_check = now;
last_graph_dump = now;
srand(now);
running = true;
@ -344,9 +374,9 @@ int main_loop(void)
tv.tv_sec = 1;
tv.tv_usec = 0;
maxfd = build_fdset(&fset);
maxfd = build_fdset(&readset, &writeset);
r = select(maxfd + 1, &fset, NULL, NULL, &tv);
r = select(maxfd + 1, &readset, &writeset, NULL, &tv);
if(r < 0) {
if(errno != EINTR && errno != EAGAIN) {
@ -360,7 +390,7 @@ int main_loop(void)
continue;
}
check_network_activity(&fset);
check_network_activity(&readset, &writeset);
if(do_purge) {
purge();
@ -383,9 +413,9 @@ int main_loop(void)
if(keyexpires < now) {
ifdebug(STATUS) logger(LOG_INFO, _("Regenerating symmetric key"));
RAND_pseudo_bytes(myself->key, myself->keylength);
RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
if(myself->cipher)
EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len);
EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len);
send_key_changed(broadcast, myself);
keyexpires = now + keylifetime;
}
@ -394,7 +424,7 @@ int main_loop(void)
while((event = get_expired_event())) {
event->handler(event->data);
free(event);
free_event(event);
}
if(sigalrm) {
@ -450,6 +480,13 @@ int main_loop(void)
try_outgoing_connections();
}
/* Dump graph if wanted every 60 seconds*/
if(last_graph_dump + 60 < now) {
dump_graph();
last_graph_dump = now;
}
}
return 0;

7
src/net.h
View file

@ -1,7 +1,7 @@
/*
net.h -- header for net.c
Copyright (C) 1998-2005 Ivo Timmermans <zarq@iname.com>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net.h 1439 2005-05-04 18:09:30Z guus $
$Id: net.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_NET_H__
@ -114,10 +114,9 @@ typedef struct outgoing_t {
struct addrinfo *aip;
} outgoing_t;
extern int maxtimeout;
extern int maxoutbufsize;
extern int seconds_till_retry;
extern int addressfamily;
extern bool blockingtcp;
extern listen_socket_t listen_socket[MAXSOCKETS];
extern int listen_sockets;

45
src/net_packet.c
View file

@ -1,7 +1,7 @@
/*
net_packet.c -- Handles in- and outgoing VPN packets
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_packet.c 1439 2005-05-04 18:09:30Z guus $
$Id: net_packet.c 1469 2006-11-11 22:44:15Z guus $
*/
#include "system.h"
@ -29,7 +29,12 @@
#include <openssl/hmac.h>
#include <zlib.h>
#ifdef HAVE_LZO_LZO1X_H
#include <lzo/lzo1x.h>
#endif
#ifdef HAVE_LZO1X_H
#include <lzo1x.h>
#endif
#include "avl_tree.h"
#include "conf.h"
@ -96,7 +101,7 @@ void send_mtu_probe(node_t *n)
send_udppacket(n, &packet);
}
n->mtuevent = xmalloc(sizeof(*n->mtuevent));
n->mtuevent = new_event();
n->mtuevent->handler = (event_handler_t)send_mtu_probe;
n->mtuevent->data = n;
n->mtuevent->time = now + 1;
@ -174,7 +179,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
int nextpkt = 0;
vpn_packet_t *outpkt = pkt[0];
int outlen, outpad;
char hmac[EVP_MAX_MD_SIZE];
unsigned char hmac[EVP_MAX_MD_SIZE];
int i;
cp();
@ -192,7 +197,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
if(myself->digest && myself->maclength) {
inpkt->len -= myself->maclength;
HMAC(myself->digest, myself->key, myself->keylength,
(char *) &inpkt->seqno, inpkt->len, hmac, NULL);
(unsigned char *) &inpkt->seqno, inpkt->len, (unsigned char *)hmac, NULL);
if(memcmp(hmac, (char *) &inpkt->seqno + inpkt->len, myself->maclength)) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got unauthenticated packet from %s (%s)"),
@ -207,9 +212,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
outpkt = pkt[nextpkt++];
if(!EVP_DecryptInit_ex(&packet_ctx, NULL, NULL, NULL, NULL)
|| !EVP_DecryptUpdate(&packet_ctx, (char *) &outpkt->seqno, &outlen,
(char *) &inpkt->seqno, inpkt->len)
|| !EVP_DecryptFinal_ex(&packet_ctx, (char *) &outpkt->seqno + outlen, &outpad)) {
|| !EVP_DecryptUpdate(&packet_ctx, (unsigned char *) &outpkt->seqno, &outlen,
(unsigned char *) &inpkt->seqno, inpkt->len)
|| !EVP_DecryptFinal_ex(&packet_ctx, (unsigned char *) &outpkt->seqno + outlen, &outpad)) {
ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Error decrypting packet from %s (%s): %s"),
n->name, n->hostname, ERR_error_string(ERR_get_error(), NULL));
return;
@ -285,10 +290,11 @@ void receive_tcppacket(connection_t *c, char *buffer, int len)
receive_packet(c->node, &outpkt);
}
static void send_udppacket(node_t *n, vpn_packet_t *inpkt)
static void send_udppacket(node_t *n, vpn_packet_t *origpkt)
{
vpn_packet_t pkt1, pkt2;
vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 };
vpn_packet_t *inpkt = origpkt;
int nextpkt = 0;
vpn_packet_t *outpkt;
int origlen;
@ -352,9 +358,9 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt)
outpkt = pkt[nextpkt++];
if(!EVP_EncryptInit_ex(&n->packet_ctx, NULL, NULL, NULL, NULL)
|| !EVP_EncryptUpdate(&n->packet_ctx, (char *) &outpkt->seqno, &outlen,
(char *) &inpkt->seqno, inpkt->len)
|| !EVP_EncryptFinal_ex(&n->packet_ctx, (char *) &outpkt->seqno + outlen, &outpad)) {
|| !EVP_EncryptUpdate(&n->packet_ctx, (unsigned char *) &outpkt->seqno, &outlen,
(unsigned char *) &inpkt->seqno, inpkt->len)
|| !EVP_EncryptFinal_ex(&n->packet_ctx, (unsigned char *) &outpkt->seqno + outlen, &outpad)) {
ifdebug(TRAFFIC) logger(LOG_ERR, _("Error while encrypting packet to %s (%s): %s"),
n->name, n->hostname, ERR_error_string(ERR_get_error(), NULL));
goto end;
@ -367,8 +373,8 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt)
/* Add the message authentication code */
if(n->digest && n->maclength) {
HMAC(n->digest, n->key, n->keylength, (char *) &inpkt->seqno,
inpkt->len, (char *) &inpkt->seqno + inpkt->len, &outlen);
HMAC(n->digest, n->key, n->keylength, (unsigned char *) &inpkt->seqno,
inpkt->len, (unsigned char *) &inpkt->seqno + inpkt->len, NULL);
inpkt->len += n->maclength;
}
@ -404,7 +410,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt)
}
end:
inpkt->len = origlen;
origpkt->len = origlen;
}
/*
@ -457,11 +463,8 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet)
ifdebug(TRAFFIC) logger(LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"),
packet->len, from->name, from->hostname);
if(from != myself) {
if(overwrite_mac)
memcpy(packet->data, mymac.x, ETH_ALEN);
write_packet(packet);
}
if(from != myself)
send_packet(myself, packet);
for(node = connection_tree->head; node; node = node->next) {
c = node->data;

47
src/net_setup.c
View file

@ -1,7 +1,7 @@
/*
net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_setup.c 1439 2005-05-04 18:09:30Z guus $
$Id: net_setup.c 1469 2006-11-11 22:44:15Z guus $
*/
#include "system.h"
@ -286,8 +286,6 @@ bool setup_myself(void)
if(get_config_bool(lookup_config(myself->connection->config_tree, "TCPOnly"), &choice) && choice)
myself->options |= OPTION_TCPONLY;
get_config_bool(lookup_config(config_tree, "BlockingTCP"), &blockingtcp);
if(get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) && choice)
myself->options |= OPTION_PMTU_DISCOVERY;
@ -370,7 +368,7 @@ bool setup_myself(void)
myself->connection->outcipher = EVP_bf_ofb();
myself->key = xmalloc(myself->keylength);
RAND_pseudo_bytes(myself->key, myself->keylength);
RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
@ -379,7 +377,7 @@ bool setup_myself(void)
if(myself->cipher) {
EVP_CIPHER_CTX_init(&packet_ctx);
if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len)) {
if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
myself->name, myself->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
@ -439,7 +437,6 @@ bool setup_myself(void)
myself->nexthop = myself;
myself->via = myself;
myself->status.active = true;
myself->status.reachable = true;
node_add(myself);
@ -504,7 +501,7 @@ bool setup_myself(void)
free(hostname);
}
listen_socket[listen_sockets].sa.sa = *aip->ai_addr;
memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
listen_sockets++;
}
@ -529,19 +526,27 @@ bool setup_network_connections(void)
now = time(NULL);
init_events();
init_connections();
init_subnets();
init_nodes();
init_edges();
init_events();
init_requests();
if(get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout)) {
if(pingtimeout < 1) {
pingtimeout = 86400;
if(get_config_int(lookup_config(config_tree, "PingInterval"), &pinginterval)) {
if(pinginterval < 1) {
pinginterval = 86400;
}
} else
pingtimeout = 60;
pinginterval = 60;
if(!get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout))
pingtimeout = 5;
if(pingtimeout < 1 || pingtimeout > pinginterval)
pingtimeout = pinginterval;
if(!get_config_int(lookup_config(config_tree, "MaxOutputBufferSize"), &maxoutbufsize))
maxoutbufsize = 4 * MTU;
if(!setup_myself())
return false;
@ -582,19 +587,19 @@ void close_network_connections(void)
close(listen_socket[i].udp);
}
exit_requests();
exit_events();
exit_edges();
exit_subnets();
exit_nodes();
exit_connections();
asprintf(&envp[0], "NETNAME=%s", netname ? : "");
asprintf(&envp[1], "DEVICE=%s", device ? : "");
asprintf(&envp[2], "INTERFACE=%s", iface ? : "");
asprintf(&envp[3], "NAME=%s", myself->name);
envp[4] = NULL;
exit_requests();
exit_edges();
exit_subnets();
exit_nodes();
exit_connections();
exit_events();
execute_script("tinc-down", envp);
for(i = 0; i < 4; i++)

102
src/net_socket.c
View file

@ -1,7 +1,7 @@
/*
net_socket.c -- Handle various kinds of sockets.
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: net_socket.c 1439 2005-05-04 18:09:30Z guus $
$Id: net_socket.c 1460 2006-08-08 13:50:58Z guus $
*/
#include "system.h"
@ -38,16 +38,43 @@
#define EINPROGRESS WSAEINPROGRESS
#endif
/* Needed on Mac OS/X */
#ifndef SOL_TCP
#define SOL_TCP IPPROTO_TCP
#endif
int addressfamily = AF_UNSPEC;
int maxtimeout = 900;
int seconds_till_retry = 5;
bool blockingtcp = false;
listen_socket_t listen_socket[MAXSOCKETS];
int listen_sockets;
/* Setup sockets */
static void configure_tcp(connection_t *c)
{
int option;
#ifdef O_NONBLOCK
int flags = fcntl(c->socket, F_GETFL);
if(fcntl(c->socket, F_SETFL, flags | O_NONBLOCK) < 0) {
logger(LOG_ERR, _("fcntl for %s: %s"), c->hostname, strerror(errno));
}
#endif
#if defined(SOL_TCP) && defined(TCP_NODELAY)
option = 1;
setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
#endif
#if defined(SOL_IP) && defined(IP_TOS) && defined(IPTOS_LOWDELAY)
option = IPTOS_LOWDELAY;
setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
}
int setup_listen_socket(const sockaddr_t *sa)
{
int nfd;
@ -64,33 +91,11 @@ int setup_listen_socket(const sockaddr_t *sa)
return -1;
}
#ifdef O_NONBLOCK
{
int flags = fcntl(nfd, F_GETFL);
if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) {
closesocket(nfd);
logger(LOG_ERR, _("System call `%s' failed: %s"), "fcntl",
strerror(errno));
return -1;
}
}
#endif
/* Optimize TCP settings */
option = 1;
setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &option, sizeof(option));
#if defined(SOL_TCP) && defined(TCP_NODELAY)
setsockopt(nfd, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
#endif
#if defined(SOL_IP) && defined(IP_TOS) && defined(IPTOS_LOWDELAY)
option = IPTOS_LOWDELAY;
setsockopt(nfd, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
if(get_config_string
(lookup_config(config_tree, "BindToInterface"), &iface)) {
#if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
@ -241,15 +246,7 @@ void finish_connecting(connection_t *c)
ifdebug(CONNECTIONS) logger(LOG_INFO, _("Connected to %s (%s)"), c->name, c->hostname);
#ifdef O_NONBLOCK
if(blockingtcp) {
int flags = fcntl(c->socket, F_GETFL);
if(fcntl(c->socket, F_SETFL, flags & ~O_NONBLOCK) < 0) {
logger(LOG_ERR, _("fcntl for %s: %s"), c->hostname, strerror(errno));
}
}
#endif
configure_tcp(c);
c->last_ping_time = now;
@ -259,7 +256,7 @@ void finish_connecting(connection_t *c)
void do_outgoing_connection(connection_t *c)
{
char *address, *port;
int option, result, flags;
int result;
cp();
@ -314,25 +311,7 @@ begin:
/* Optimize TCP settings */
#if defined(SOL_TCP) && defined(TCP_NODELAY)
option = 1;
setsockopt(c->socket, SOL_TCP, TCP_NODELAY, &option, sizeof(option));
#endif
#if defined(SOL_IP) && defined(IP_TOS)
option = IPTOS_LOWDELAY;
setsockopt(c->socket, SOL_IP, IP_TOS, &option, sizeof(option));
#endif
/* Non-blocking */
#ifdef O_NONBLOCK
flags = fcntl(c->socket, F_GETFL);
if(fcntl(c->socket, F_SETFL, flags | O_NONBLOCK) < 0) {
logger(LOG_ERR, _("fcntl for %s: %s"), c->hostname, strerror(errno));
}
#endif
configure_tcp(c);
/* Connect */
@ -409,7 +388,8 @@ bool handle_new_meta_connection(int sock)
{
connection_t *c;
sockaddr_t sa;
int fd, len = sizeof(sa);
int fd;
socklen_t len = sizeof(sa);
cp();
@ -437,15 +417,7 @@ bool handle_new_meta_connection(int sock)
ifdebug(CONNECTIONS) logger(LOG_NOTICE, _("Connection from %s"), c->hostname);
#ifdef O_NONBLOCK
if(blockingtcp) {
int flags = fcntl(c->socket, F_GETFL);
if(fcntl(c->socket, F_SETFL, flags & ~O_NONBLOCK) < 0) {
logger(LOG_ERR, _("fcntl for %s: %s"), c->hostname, strerror(errno));
}
}
#endif
configure_tcp(c);
connection_add(c);

14
src/netutl.c
View file

@ -1,7 +1,7 @@
/*
netutl.c -- some supporting network utility code
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: netutl.c 1439 2005-05-04 18:09:30Z guus $
$Id: netutl.c 1459 2006-08-08 13:44:37Z guus $
*/
#include "system.h"
@ -78,7 +78,7 @@ sockaddr_t str2sockaddr(const char *address, const char *port)
return result;
}
result = *(sockaddr_t *) ai->ai_addr;
memcpy(&result, ai->ai_addr, ai->ai_addrlen);
freeaddrinfo(ai);
return result;
@ -225,7 +225,7 @@ void sockaddrunmap(sockaddr_t *sa)
/* Subnet mask handling */
int maskcmp(const void *va, const void *vb, int masklen, int len)
int maskcmp(const void *va, const void *vb, int masklen)
{
int i, m, result;
const char *a = va;
@ -257,7 +257,7 @@ void mask(void *va, int masklen, int len)
masklen %= 8;
if(masklen)
a[i++] &= (0x100 - (1 << masklen));
a[i++] &= (0x100 - (1 << (8 - masklen)));
for(; i < len; i++)
a[i] = 0;
@ -275,7 +275,7 @@ void maskcpy(void *va, const void *vb, int masklen, int len)
a[i] = b[i];
if(m) {
a[i] = b[i] & (0x100 - (1 << m));
a[i] = b[i] & (0x100 - (1 << (8 - m)));
i++;
}

6
src/netutl.h
View file

@ -1,7 +1,7 @@
/*
netutl.h -- header file for netutl.c
Copyright (C) 1998-2005 Ivo Timmermans <zarq@iname.com>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: netutl.h 1439 2005-05-04 18:09:30Z guus $
$Id: netutl.h 1459 2006-08-08 13:44:37Z guus $
*/
#ifndef __TINC_NETUTL_H__
@ -35,7 +35,7 @@ extern int sockaddrcmp(const sockaddr_t *, const sockaddr_t *);
extern void sockaddrunmap(sockaddr_t *);
extern void sockaddrfree(sockaddr_t *);
extern void sockaddrcpy(sockaddr_t *, const sockaddr_t *);
extern int maskcmp(const void *, const void *, int, int);
extern int maskcmp(const void *, const void *, int);
extern void maskcpy(void *, const void *, int, int);
extern void mask(void *, int, int);
extern bool maskcheck(const void *, int, int);

22
src/node.c
View file

@ -1,7 +1,7 @@
/*
node.c -- node tree management
Copyright (C) 2001-2005 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: node.c 1439 2005-05-04 18:09:30Z guus $
$Id: node.c 1469 2006-11-11 22:44:15Z guus $
*/
#include "system.h"
@ -93,12 +93,6 @@ void free_node(node_t *n)
if(n->queue)
list_delete_list(n->queue);
if(n->name)
free(n->name);
if(n->hostname)
free(n->hostname);
if(n->key)
free(n->key);
@ -112,9 +106,17 @@ void free_node(node_t *n)
EVP_CIPHER_CTX_cleanup(&n->packet_ctx);
if(n->mtuevent)
if(n->mtuevent) {
event_del(n->mtuevent);
free_event(n->mtuevent);
}
if(n->hostname)
free(n->hostname);
if(n->name)
free(n->name);
free(n);
}

25
src/node.h
View file

@ -1,7 +1,7 @@
/*
node.h -- header for node.c
Copyright (C) 2001-2005 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2001-2006 Guus Sliepen <guus@tinc-vpn.org>,
2001-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: node.h 1439 2005-05-04 18:09:30Z guus $
$Id: node.h 1462 2006-11-11 13:43:00Z guus $
*/
#ifndef __TINC_NODE_H__
@ -29,14 +29,17 @@
#include "list.h"
#include "subnet.h"
typedef struct node_status_t {
int active:1; /* 1 if active.. */
int validkey:1; /* 1 if we currently have a valid key for him */
int waitingforkey:1; /* 1 if we already sent out a request */
int visited:1; /* 1 if this node has been visited by one of the graph algorithms */
int reachable:1; /* 1 if this node is reachable in the graph */
int indirect:1; /* 1 if this node is not directly reachable by us */
int unused:26;
typedef union node_status_t {
struct {
int unused_active:1; /* 1 if active (not used for nodes) */
int validkey:1; /* 1 if we currently have a valid key for him */
int waitingforkey:1; /* 1 if we already sent out a request */
int visited:1; /* 1 if this node has been visited by one of the graph algorithms */
int reachable:1; /* 1 if this node is reachable in the graph */
int indirect:1; /* 1 if this node is not directly reachable by us */
int unused:26;
};
uint32_t value;
} node_status_t;
typedef struct node_t {

6
src/process.c
View file

@ -1,7 +1,7 @@
/*
process.c -- process management functions
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: process.c 1439 2005-05-04 18:09:30Z guus $
$Id: process.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

6
src/process.h
View file

@ -1,7 +1,7 @@
/*
process.h -- header file for process.c
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: process.h 1439 2005-05-04 18:09:30Z guus $
$Id: process.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_PROCESS_H__

8
src/protocol.c
View file

@ -1,7 +1,7 @@
/*
protocol.c -- handle the meta-protocol, basic functions
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"
@ -241,7 +241,7 @@ void age_past_requests(void)
next = node->next;
p = node->data;
if(p->firstseen + pingtimeout < now)
if(p->firstseen + pinginterval < now)
avl_delete_node(past_request_tree, node), deleted++;
else
left++;

13
src/protocol.h
View file

@ -1,7 +1,7 @@
/*
protocol.h -- header for protocol.c
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol.h 1439 2005-05-04 18:09:30Z guus $
$Id: protocol.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_PROTOCOL_H__
@ -56,9 +56,12 @@ typedef struct past_request_t {
extern bool tunnelserver;
/* Maximum size of strings in a request */
/* Maximum size of strings in a request.
* scanf terminates %2048s with a NUL character,
* but the NUL character can be written after the 2048th non-NUL character.
*/
#define MAX_STRING_SIZE 2048
#define MAX_STRING_SIZE 2049
#define MAX_STRING "%2048s"
#include "edge.h"

34
src/protocol_auth.c
View file

@ -1,7 +1,7 @@
/*
protocol_auth.c -- handle the meta-protocol, authentication
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_auth.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol_auth.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"
@ -118,7 +118,7 @@ bool id_h(connection_t *c)
bool send_metakey(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
char *buffer;
int len;
bool x;
@ -128,6 +128,8 @@ bool send_metakey(connection_t *c)
/* Allocate buffers for the meta key */
buffer = alloca(2 * len + 1);
if(!c->outkey)
c->outkey = xmalloc(len);
@ -136,7 +138,7 @@ bool send_metakey(connection_t *c)
cp();
/* Copy random data to the buffer */
RAND_pseudo_bytes(c->outkey, len);
RAND_pseudo_bytes((unsigned char *)c->outkey, len);
/* The message we send must be smaller than the modulus of the RSA key.
By definition, for a key of k bits, the following formula holds:
@ -164,7 +166,7 @@ bool send_metakey(connection_t *c)
with a length equal to that of the modulus of the RSA key.
*/
if(RSA_public_encrypt(len, c->outkey, buffer, c->rsa_key, RSA_NO_PADDING) != len) {
if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
@ -186,8 +188,8 @@ bool send_metakey(connection_t *c)
if(c->outcipher) {
if(!EVP_EncryptInit(c->outctx, c->outcipher,
c->outkey + len - c->outcipher->key_len,
c->outkey + len - c->outcipher->key_len -
(unsigned char *)c->outkey + len - c->outcipher->key_len,
(unsigned char *)c->outkey + len - c->outcipher->key_len -
c->outcipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
@ -237,7 +239,7 @@ bool metakey_h(connection_t *c)
/* Decrypt the meta key */
if(RSA_private_decrypt(len, buffer, c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) { /* See challenge() */
logger(LOG_ERR, _("Error during encryption of meta key for %s (%s)"),
c->name, c->hostname);
return false;
@ -262,8 +264,8 @@ bool metakey_h(connection_t *c)
}
if(!EVP_DecryptInit(c->inctx, c->incipher,
c->inkey + len - c->incipher->key_len,
c->inkey + len - c->incipher->key_len -
(unsigned char *)c->inkey + len - c->incipher->key_len,
(unsigned char *)c->inkey + len - c->incipher->key_len -
c->incipher->iv_len)) {
logger(LOG_ERR, _("Error during initialisation of cipher from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
@ -302,7 +304,7 @@ bool metakey_h(connection_t *c)
bool send_challenge(connection_t *c)
{
char buffer[MAX_STRING_SIZE];
char *buffer;
int len;
cp();
@ -313,12 +315,14 @@ bool send_challenge(connection_t *c)
/* Allocate buffers for the challenge */
buffer = alloca(2 * len + 1);
if(!c->hischallenge)
c->hischallenge = xmalloc(len);
/* Copy random data to the buffer */
RAND_pseudo_bytes(c->hischallenge, len);
RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
/* Convert to hex */
@ -380,7 +384,7 @@ bool send_chal_reply(connection_t *c)
if(!EVP_DigestInit(&ctx, c->indigest)
|| !EVP_DigestUpdate(&ctx, c->mychallenge, RSA_size(myself->connection->rsa_key))
|| !EVP_DigestFinal(&ctx, hash, NULL)) {
|| !EVP_DigestFinal(&ctx, (unsigned char *)hash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response for %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;
@ -426,7 +430,7 @@ bool chal_reply_h(connection_t *c)
if(!EVP_DigestInit(&ctx, c->outdigest)
|| !EVP_DigestUpdate(&ctx, c->hischallenge, RSA_size(c->rsa_key))
|| !EVP_DigestFinal(&ctx, myhash, NULL)) {
|| !EVP_DigestFinal(&ctx, (unsigned char *)myhash, NULL)) {
logger(LOG_ERR, _("Error during calculation of response from %s (%s): %s"),
c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;

6
src/protocol_edge.c
View file

@ -1,7 +1,7 @@
/*
protocol_edge.c -- handle the meta-protocol, edges
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_edge.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol_edge.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

11
src/protocol_key.c
View file

@ -1,7 +1,7 @@
/*
protocol_key.c -- handle the meta-protocol, key exchange
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_key.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol_key.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"
@ -142,10 +142,11 @@ bool req_key_h(connection_t *c)
bool send_ans_key(connection_t *c, const node_t *from, const node_t *to)
{
char key[MAX_STRING_SIZE];
char *key;
cp();
key = alloca(2 * from->keylength + 1);
bin2hex(from->key, key, from->keylength);
key[from->keylength * 2] = '\0';
@ -261,7 +262,7 @@ bool ans_key_h(connection_t *c)
from->compression = compression;
if(from->cipher)
if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, from->key, from->key + from->cipher->key_len)) {
if(!EVP_EncryptInit_ex(&from->packet_ctx, from->cipher, NULL, (unsigned char *)from->key, (unsigned char *)from->key + from->cipher->key_len)) {
logger(LOG_ERR, _("Error during initialisation of key from %s (%s): %s"),
from->name, from->hostname, ERR_error_string(ERR_get_error(), NULL));
return false;

15
src/protocol_misc.c
View file

@ -1,7 +1,7 @@
/*
protocol_misc.c -- handle the meta-protocol, miscellaneous functions
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_misc.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol_misc.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"
@ -31,6 +31,8 @@
#include "protocol.h"
#include "utils.h"
int maxoutbufsize = 0;
/* Status and error notification routines */
bool send_status(connection_t *c, int statusno, const char *statusstring)
@ -153,12 +155,15 @@ bool send_tcppacket(connection_t *c, vpn_packet_t *packet)
{
cp();
/* Evil hack. */
/* If there already is a lot of data in the outbuf buffer, discard this packet. */
if(c->outbuflen > maxoutbufsize)
return true;
if(!send_request(c, "%d %hd", PACKET, packet->len))
return false;
return send_meta(c, packet->data, packet->len);
return send_meta(c, (char *)packet->data, packet->len);
}
bool tcppacket_h(connection_t *c)

6
src/protocol_subnet.c
View file

@ -1,7 +1,7 @@
/*
protocol_subnet.c -- handle the meta-protocol, subnets
Copyright (C) 1999-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1999-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: protocol_subnet.c 1439 2005-05-04 18:09:30Z guus $
$Id: protocol_subnet.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

6
src/raw_socket/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- raw socket
Copyright (C) 2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2002-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2002-2005 Ivo Timmermans,
2002-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.c 1439 2005-05-04 18:09:30Z guus $
$Id: device.c 1452 2006-04-26 13:52:58Z guus $
*/
#include "system.h"

52
src/route.c
View file

@ -1,7 +1,7 @@
/*
route.c -- routing
Copyright (C) 2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2000-2005 Ivo Timmermans,
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.c 1439 2005-05-04 18:09:30Z guus $
$Id: route.c 1461 2006-08-09 22:31:10Z guus $
*/
#include "system.h"
@ -163,17 +163,23 @@ void age_subnets(void)
static void route_mac(node_t *source, vpn_packet_t *packet)
{
subnet_t *subnet;
mac_t dest;
cp();
/* Learn source address */
if(source == myself)
learn_mac((mac_t *)(&packet->data[6]));
if(source == myself) {
mac_t src;
memcpy(&src, &packet->data[6], sizeof src);
learn_mac(&src);
}
/* Lookup destination address */
subnet = lookup_subnet_mac((mac_t *)(&packet->data[0]));
memcpy(&dest, &packet->data[0], sizeof dest);
subnet = lookup_subnet_mac(&dest);
if(!subnet) {
broadcast_packet(source, packet);
@ -280,7 +286,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet) {
todo = ntohs(ip.ip_len) - ip_size;
if(ether_size + ip_size + todo != packet->len) {
ifdebug(TRAFFIC) logger(LOG_WARNING, _("Length of packet (%d) doesn't match length in IPv4 header (%d)"), packet->len, ether_size + ip_size + todo);
ifdebug(TRAFFIC) logger(LOG_WARNING, _("Length of packet (%d) doesn't match length in IPv4 header (%zd)"), packet->len, ether_size + ip_size + todo);
return;
}
@ -316,18 +322,20 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet)
{
subnet_t *subnet;
node_t *via;
ipv4_t dest;
cp();
subnet = lookup_subnet_ipv4((ipv4_t *) &packet->data[30]);
memcpy(&dest, &packet->data[30], sizeof dest);
subnet = lookup_subnet_ipv4(&dest);
if(!subnet) {
ifdebug(TRAFFIC) logger(LOG_WARNING, _("Cannot route packet from %s (%s): unknown IPv4 destination address %d.%d.%d.%d"),
source->name, source->hostname,
packet->data[30],
packet->data[31],
packet->data[32],
packet->data[33]);
dest.x[0],
dest.x[1],
dest.x[2],
dest.x[3]);
route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_UNKNOWN);
return;
@ -454,22 +462,24 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet)
{
subnet_t *subnet;
node_t *via;
ipv6_t dest;
cp();
subnet = lookup_subnet_ipv6((ipv6_t *) &packet->data[38]);
memcpy(&dest, &packet->data[38], sizeof dest);
subnet = lookup_subnet_ipv6(&dest);
if(!subnet) {
ifdebug(TRAFFIC) logger(LOG_WARNING, _("Cannot route packet from %s (%s): unknown IPv6 destination address %hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx"),
source->name, source->hostname,
ntohs(*(uint16_t *) &packet->data[38]),
ntohs(*(uint16_t *) &packet->data[40]),
ntohs(*(uint16_t *) &packet->data[42]),
ntohs(*(uint16_t *) &packet->data[44]),
ntohs(*(uint16_t *) &packet->data[46]),
ntohs(*(uint16_t *) &packet->data[48]),
ntohs(*(uint16_t *) &packet->data[50]),
ntohs(*(uint16_t *) &packet->data[52]));
ntohs(dest.x[0]),
ntohs(dest.x[1]),
ntohs(dest.x[2]),
ntohs(dest.x[3]),
ntohs(dest.x[4]),
ntohs(dest.x[5]),
ntohs(dest.x[6]),
ntohs(dest.x[7]));
route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADDR);
return;

4
src/route.h
View file

@ -1,7 +1,7 @@
/*
route.h -- header file for route.c
Copyright (C) 2000-2005 Ivo Timmermans <zarq@iname.com>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: route.h 1439 2005-05-04 18:09:30Z guus $
$Id: route.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_ROUTE_H__

6
src/solaris/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- Interaction with Solaris tun device
Copyright (C) 2001-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2001-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2001-2005 Ivo Timmermans,
2001-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: device.c 1439 2005-05-04 18:09:30Z guus $
$Id: device.c 1452 2006-04-26 13:52:58Z guus $
*/

10
src/subnet.c
View file

@ -1,7 +1,7 @@
/*
subnet.c -- handle subnet lookups and lists
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.c 1439 2005-05-04 18:09:30Z guus $
$Id: subnet.c 1459 2006-08-08 13:44:37Z guus $
*/
#include "system.h"
@ -342,7 +342,7 @@ subnet_t *lookup_subnet_ipv4(const ipv4_t *address)
break;
}
if(!maskcmp(address, &p->net.ipv4.address, p->net.ipv4.prefixlength, sizeof(ipv4_t)))
if(!maskcmp(address, &p->net.ipv4.address, p->net.ipv4.prefixlength))
break;
else {
/* Otherwise, see if there is a bigger enclosing subnet */
@ -378,7 +378,7 @@ subnet_t *lookup_subnet_ipv6(const ipv6_t *address)
if(p->type != SUBNET_IPV6)
return NULL;
if(!maskcmp(address, &p->net.ipv6.address, p->net.ipv6.prefixlength, sizeof(ipv6_t)))
if(!maskcmp(address, &p->net.ipv6.address, p->net.ipv6.prefixlength))
break;
else {
/* Otherwise, see if there is a bigger enclosing subnet */

6
src/subnet.h
View file

@ -1,7 +1,7 @@
/*
subnet.h -- header for subnet.c
Copyright (C) 2000-2005 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans <ivo@tinc-vpn.org>
Copyright (C) 2000-2006 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: subnet.h 1439 2005-05-04 18:09:30Z guus $
$Id: subnet.h 1452 2006-04-26 13:52:58Z guus $
*/
#ifndef __TINC_SUBNET_H__

19
src/tincd.c
View file

@ -1,7 +1,7 @@
/*
tincd.c -- the main file for tincd
Copyright (C) 1998-2005 Ivo Timmermans <ivo@tinc-vpn.org>
2000-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 1998-2005 Ivo Timmermans
2000-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -17,7 +17,7 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
$Id: tincd.c 1439 2005-05-04 18:09:30Z guus $
$Id: tincd.c 1466 2006-11-11 20:10:46Z guus $
*/
#include "system.h"
@ -35,8 +35,14 @@
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <openssl/engine.h>
#ifdef HAVE_LZO_LZO1X_H
#include <lzo/lzo1x.h>
#endif
#ifdef HAVE_LZO1X_H
#include <lzo1x.h>
#endif
#include <getopt.h>
#include "pidfile.h"
@ -407,7 +413,7 @@ int main(int argc, char **argv)
if(show_version) {
printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE,
VERSION, __DATE__, __TIME__, PROT_CURRENT);
printf(_("Copyright (C) 1998-2005 Ivo Timmermans, Guus Sliepen and others.\n"
printf(_("Copyright (C) 1998-2006 Ivo Timmermans, Guus Sliepen and others.\n"
"See the AUTHORS file for a complete list.\n\n"
"tinc comes with ABSOLUTELY NO WARRANTY. This is free software,\n"
"and you are welcome to redistribute it under certain conditions;\n"
@ -448,6 +454,9 @@ int main(int argc, char **argv)
RAND_load_file("/dev/urandom", 1024);
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
OpenSSL_add_all_algorithms();
if(generate_keys) {
@ -505,6 +514,8 @@ end:
#ifndef HAVE_MINGW
remove_pid(pidfilename);
#endif
EVP_cleanup();
return status;
}

4
src/uml_socket/device.c
View file

@ -1,7 +1,7 @@
/*
device.c -- UML network socket
Copyright (C) 2002-2005 Ivo Timmermans <ivo@tinc-vpn.org>,
2002-2005 Guus Sliepen <guus@tinc-vpn.org>
Copyright (C) 2002-2005 Ivo Timmermans,
2002-2006 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by