2 protocol.c -- handle the meta-protocol
3 Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: protocol.c,v 1.28.4.3 2000/06/25 15:45:09 guus Exp $
25 #include <sys/types.h>
30 #include <sys/socket.h>
/* Scratch buffer shared by the send_* routines below: each one formats its
 * outgoing request here with snprintf() and then write()s it to a meta
 * socket.  The array holds MAXBUFSIZE+1 bytes while the snprintf() calls pass
 * MAXBUFSIZE as the limit; MAXBUFSIZE itself is defined outside this listing. */
45 char buffer[MAXBUFSIZE+1];
48 /* Outgoing request routines */
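/*
 * send_ack -- write an ACK request ("<ACK>\n") to cl's meta socket.
 *
 * Logs the attempt at LOG_DEBUG, formats the request into the file-scope
 * `buffer`, and logs at LOG_ERR if write() fails.  A LOG_NOTICE
 * "activated" line is also emitted; the branch structure around it is not
 * visible in this listing.
 *
 * Fix: the failure message used "%d:%d" for (__FILE__, __LINE__).  __FILE__
 * is a string, so "%d" was a format/argument mismatch (undefined behaviour,
 * and at best a garbage file name in the log line an operator needs when a
 * send fails).  It now uses "%s:%d" like the other send_* routines in this
 * file.
 *
 * NOTE(review): braces, declarations and return statements of this
 * function are elided in the listing.
 */
50 int send_ack(conn_list_t *cl)
54 syslog(LOG_DEBUG, _("Sending ACK to " IP_ADDR_S " (" IP_ADDR_S ")"),
55 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
57 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK);
59 if((write(cl->meta_socket, buffer, buflen)) < 0)
61 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
65 syslog(LOG_NOTICE, _("Connection with " IP_ADDR_S " (" IP_ADDR_S ") activated"),
66 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));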
/* send_termreq -- send a TERMREQ request carrying our own vpn_ip (hex) on
 * cl's meta socket.  Logs the attempt at LOG_DEBUG and logs at LOG_ERR when
 * write() fails.  Return values are not visible in this listing. */
71 int send_termreq(conn_list_t *cl)
75 syslog(LOG_DEBUG, _("Sending TERMREQ to " IP_ADDR_S " (" IP_ADDR_S ")"),
76 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
78 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip);
80 if(write(cl->meta_socket, buffer, buflen) < 0)
83 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_timeout -- send a PINGTIMEOUT request carrying our own vpn_ip (hex)
 * on cl's meta socket.  Logs the attempt at LOG_DEBUG and logs at LOG_ERR
 * when write() fails. */
90 int send_timeout(conn_list_t *cl)
94 syslog(LOG_DEBUG, _("Sending TIMEOUT to " IP_ADDR_S " (" IP_ADDR_S ")"),
95 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
97 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip);
99 if((write(cl->meta_socket, buffer, buflen)) < 0)
101 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_del_host -- send a DEL_HOST request naming new_host's vpn_ip (hex) to
 * peer cl.  Despite the parameter name, new_host is the host being removed:
 * only its vpn_ip is put on the wire.  Logs at LOG_ERR when write() fails. */
108 int send_del_host(conn_list_t *cl, conn_list_t *new_host)
112 syslog(LOG_DEBUG, _("Sending DEL_HOST for " IP_ADDR_S " to " IP_ADDR_S " (" IP_ADDR_S ")"),
113 IP_ADDR_V(new_host->vpn_ip), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
115 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip);
117 if((write(cl->meta_socket, buffer, buflen)) < 0)
119 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_ping -- send a bare PING request ("<PING>\n") on cl's meta socket.
 * Logs the attempt at LOG_DEBUG and logs at LOG_ERR when write() fails. */
126 int send_ping(conn_list_t *cl)
130 syslog(LOG_DEBUG, _("Sending PING to " IP_ADDR_S " (" IP_ADDR_S ")"),
131 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
133 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING);
135 if((write(cl->meta_socket, buffer, buflen)) < 0)
137 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_pong -- send a bare PONG request ("<PONG>\n") on cl's meta socket.
 * Logs the attempt at LOG_DEBUG and logs at LOG_ERR when write() fails. */
144 int send_pong(conn_list_t *cl)
148 syslog(LOG_DEBUG, _("Sending PONG to " IP_ADDR_S " (" IP_ADDR_S ")"),
149 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
151 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG);
153 if((write(cl->meta_socket, buffer, buflen)) < 0)
155 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
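/*
 * send_add_host -- announce new_host to peer cl with an ADD_HOST request.
 *
 * Wire format: "<ADD_HOST> <real_ip> <vpn_ip>/<vpn_mask>:<port> <flags>\n",
 * with addresses and port in hex.
 *
 * When new_host carries EXPORTINDIRECTDATA, the advertised copy has that
 * flag cleared, INDIRECTDATA set, and our own vpn_ip substituted for its
 * real_ip (the in-code comment below ties this to net.c send_packet()).
 *
 * Fix: the request was built from new_host->real_ip, so the substituted
 * address appeared in the debug log but never went on the wire; peers
 * received the host's own real_ip together with the INDIRECTDATA flag.
 * The local real_ip is now what is sent, matching the logged value.
 *
 * NOTE(review): braces, declarations and return statements of this
 * function are elided in the listing.
 */
162 int send_add_host(conn_list_t *cl, conn_list_t *new_host)
167 real_ip = new_host->real_ip;
168 flags = new_host->flags;
170 /* If we need to propagate information about a new host that wants us to export
171 * it's indirectdata flag, we set the INDIRECTDATA flag and unset the EXPORT...
172 * flag, and set it's real_ip to our vpn_ip, so that net.c send_packet() will
176 if(flags & EXPORTINDIRECTDATA)
178 flags &= ~EXPORTINDIRECTDATA;
179 flags |= INDIRECTDATA;
180 real_ip = myself->vpn_ip;
184 syslog(LOG_DEBUG, _("Sending ADD_HOST for " IP_ADDR_S " (" IP_ADDR_S ") to " IP_ADDR_S " (" IP_ADDR_S ")"),
185 IP_ADDR_V(new_host->vpn_ip), IP_ADDR_V(real_ip), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
187 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x %d\n", ADD_HOST, real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port, flags);
189 if((write(cl->meta_socket, buffer, buflen)) < 0)
191 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);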
/* send_key_changed -- tell peer cl that the key of host src has changed.
 * Sends "<KEY_CHANGED> <src vpn_ip in hex>\n" on cl's meta socket and logs
 * at LOG_ERR when write() fails. */
198 int send_key_changed(conn_list_t *cl, conn_list_t *src)
202 syslog(LOG_DEBUG, _("Sending KEY_CHANGED origin " IP_ADDR_S " to " IP_ADDR_S " (" IP_ADDR_S ")"),
203 IP_ADDR_V(src->vpn_ip), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
205 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip);
207 if((write(cl->meta_socket, buffer, buflen)) < 0)
209 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_key_changed_all -- walk conn_list and send KEY_CHANGED with `myself`
 * as the origin to every entry that has both status.meta and status.active
 * set.  The result of each send_key_changed() call is ignored. */
216 void send_key_changed_all(void)
220 for(p = conn_list; p != NULL; p = p->next)
221 if(p->status.meta && p->status.active)
222 send_key_changed(p, myself);
/* send_basic_info -- send our BASIC_INFO to peer cl:
 * "<BASIC_INFO> <PROT_CURRENT> <vpn_ip>/<vpn_mask>:<port> <flags>\n", all
 * taken from `myself`.  Only cl->real_ip is logged here.  Logs at LOG_ERR
 * when write() fails. */
226 int send_basic_info(conn_list_t *cl)
230 syslog(LOG_DEBUG, _("Sending BASIC_INFO to " IP_ADDR_S),
231 IP_ADDR_V(cl->real_ip));
233 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x %d\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port, myself->flags);
235 if((write(cl->meta_socket, buffer, buflen)) < 0)
237 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_passphrase -- send "<PASSPHRASE> <tmp.phrase>\n" on cl's meta socket,
 * where tmp is filled in by encrypt_passphrase().  Only the peer addresses
 * are logged, not the phrase.
 *
 * NOTE(review): buflen is snprintf()'s return value and is handed to write()
 * unchecked.  With a variable-length "%s" argument the formatted length can
 * exceed MAXBUFSIZE; a C99 snprintf() then returns the untruncated length
 * (older libcs return -1), so write() would be asked to send bytes past the
 * end of `buffer`.  Clamp or reject when buflen < 0 || buflen >= MAXBUFSIZE.
 * NOTE(review): whether tmp.phrase is heap-allocated and who releases it is
 * not visible in this listing. */
244 int send_passphrase(conn_list_t *cl)
248 encrypt_passphrase(&tmp);
251 syslog(LOG_DEBUG, _("Sending PASSPHRASE to " IP_ADDR_S " (" IP_ADDR_S ")"),
252 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
254 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
256 if((write(cl->meta_socket, buffer, buflen)) < 0)
258 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_public_key -- send "<PUBLIC_KEY> <my_public_key_base36>\n" on cl's
 * meta socket.  Logs at LOG_ERR when write() fails.
 *
 * NOTE(review): buflen comes straight from snprintf() and is used as the
 * write() length.  If the base-36 key does not fit in MAXBUFSIZE the return
 * value is larger than the buffer contents (or negative on older libcs);
 * check buflen before writing. */
265 int send_public_key(conn_list_t *cl)
269 syslog(LOG_DEBUG, _("Sending PUBLIC_KEY to " IP_ADDR_S " (" IP_ADDR_S ")"),
270 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
272 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
274 if((write(cl->meta_socket, buffer, buflen)) < 0)
276 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
283 /* What does this function do? (GS)
284 int send_calculate(conn_list_t *cl, char *k)
287 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k);
289 if((write(cl->meta_socket, buffer, buflen)) < 0)
291 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* send_key_request -- ask host `to` for its key.
 * Looks the destination up with lookup_conn(); a LOG_ERR line covers the
 * case where it is unknown.  Otherwise sends
 * "<REQ_KEY> <to> <our vpn_ip>\n" (hex) to the destination's nexthop and
 * sets status.waitingforkey on the destination entry.
 *
 * NOTE(review): fw->nexthop is dereferenced without a visible NULL check --
 * confirm every conn_list entry has nexthop set. */
299 int send_key_request(ip_t to)
303 fw = lookup_conn(to);
306 syslog(LOG_ERR, _("Attempting to send REQ_KEY to " IP_ADDR_S ", which does not exist?"),
312 syslog(LOG_DEBUG, _("Sending REQ_KEY to " IP_ADDR_S " (" IP_ADDR_S ")"),
313 IP_ADDR_V(fw->nexthop->vpn_ip), IP_ADDR_V(fw->nexthop->real_ip));
315 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip);
317 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
319 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
322 fw->status.waitingforkey = 1;
/* send_key_answer -- answer a key request from host `to`.
 * Sends "<ANS_KEY> <to> <our vpn_ip> <my_key_expiry> <my_public_key_base36>\n"
 * to the nexthop of `to` as found by lookup_conn(); a LOG_ERR line covers
 * the case where `to` is unknown.  The cl parameter is not used in the
 * lines visible here.
 *
 * NOTE(review): buflen is snprintf()'s return value and is used as the
 * write() length without checking for truncation (return >= MAXBUFSIZE) or
 * error (negative return); the "%s" key argument makes the length variable. */
327 int send_key_answer(conn_list_t *cl, ip_t to)
332 fw = lookup_conn(to);
336 syslog(LOG_ERR, _("Attempting to send ANS_KEY to " IP_ADDR_S ", which does not exist?"),
342 syslog(LOG_DEBUG, _("Sending ANS_KEY to " IP_ADDR_S " (" IP_ADDR_S ")"),
343 IP_ADDR_V(fw->nexthop->vpn_ip), IP_ADDR_V(fw->nexthop->real_ip));
345 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36);
347 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
349 syslog(LOG_ERR, _("send failed: %s:%d: %m"), __FILE__, __LINE__);
357 notify all my direct connections of a new host
358 that was added to the vpn, with the exception
359 of the source of the announcement.
/* notify_others -- walk conn_list and select every entry that is neither
 * `new` nor `source` and has both status.meta and status.active set.
 * `function` is one of the two-argument send_* routines; the call itself is
 * elided in this listing (presumably function(p, new) -- confirm). */
361 int notify_others(conn_list_t *new, conn_list_t *source,
362 int (*function)(conn_list_t*, conn_list_t*))
366 for(p = conn_list; p != NULL; p = p->next)
367 if(p != new && p != source && p->status.meta && p->status.active)
374 notify one connection of everything
/* notify_one -- send `new` one ADD_HOST per known host: for every active
 * conn_list entry p other than `new` itself, call send_add_host(new, p).
 * Unlike notify_others(), status.meta is not tested here, and the result of
 * send_add_host() is ignored. */
377 int notify_one(conn_list_t *new)
381 for(p = conn_list; p != NULL; p = p->next)
382 if(p != new && p->status.active)
383 send_add_host(new, p);
389 The incoming request handlers
/* basic_info_h -- handle an incoming BASIC_INFO request.
 * Parses protocol version, vpn_ip/vpn_mask, port and flags from cl->buffer
 * directly into cl, logs and bails on a malformed line or on a protocol
 * version other than PROT_CURRENT, then calls setup_vpn_connection(); the
 * outgoing and incoming branches differ in lines not shown here.
 *
 * NOTE(review): no status.active test is visible, so this runs on data from
 * a peer that has not authenticated yet; vpn_ip, vpn_mask, port and flags
 * are peer-asserted values at this point.
 * NOTE(review): "%lx", "%hx" and "%d" store an unsigned long, an unsigned
 * short and an int.  The field types are declared elsewhere -- confirm they
 * match exactly, since a narrower field would be overrun by sscanf(). */
392 int basic_info_h(conn_list_t *cl)
396 syslog(LOG_DEBUG, _("Got BASIC_INFO from " IP_ADDR_S), IP_ADDR_V(cl->real_ip));
398 if(sscanf(cl->buffer, "%*d %d %lx/%lx:%hx %d", &cl->protocol_version, &cl->vpn_ip, &cl->vpn_mask, &cl->port, &cl->flags) != 5)
400 syslog(LOG_ERR, _("Got bad BASIC_INFO from " IP_ADDR_S),
401 IP_ADDR_V(cl->real_ip));
405 if(cl->protocol_version != PROT_CURRENT)
407 syslog(LOG_ERR, _("Peer uses incompatible protocol version %d"),
408 cl->protocol_version);
412 if(cl->status.outgoing)
414 if(setup_vpn_connection(cl) < 0)
420 if(setup_vpn_connection(cl) < 0)
/* passphrase_h -- handle an incoming PASSPHRASE request.
 * Allocates cl->pp, lets sscanf() allocate and fill cl->pp->phrase from
 * cl->buffer, records its length, and then branches on status.outgoing
 * (the branch bodies are elided in this listing).
 *
 * NOTE(review): "%as" is the GNU allocate-a-string extension; in C99 "%a"
 * is a floating-point conversion, so this depends on the libc and compile
 * mode ("%ms" is the POSIX spelling).
 * NOTE(review): cl->pp is assigned unconditionally and no free of an
 * earlier cl->pp or phrase is visible.  This handler runs before the peer
 * is authenticated, so a peer repeating PASSPHRASE could leak one
 * allocation per message -- confirm the caller prevents repeats. */
428 int passphrase_h(conn_list_t *cl)
431 cl->pp = xmalloc(sizeof(*(cl->pp)));
433 if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
435 syslog(LOG_ERR, _("Got bad PASSPHRASE from " IP_ADDR_S " (" IP_ADDR_S ")"),
436 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
439 cl->pp->len = strlen(cl->pp->phrase);
442 syslog(LOG_DEBUG, _("Got PASSPHRASE from " IP_ADDR_S " (" IP_ADDR_S ")"),
443 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
445 if(cl->status.outgoing)
/* public_key_h -- handle an incoming PUBLIC_KEY request and finish
 * authentication.
 * Reads the peer's key string into g_n (allocated by sscanf), runs
 * verify_passphrase(cl, g_n) and logs "Intruder" when it returns non-zero.
 * After the status.outgoing branch it terminates every other active entry
 * with the same vpn_ip, marks cl active and announces it to the other
 * peers with ADD_HOST.
 *
 * NOTE(review): g_n is heap-allocated by "%as" (GNU extension); no free is
 * visible on either the failure or the success path -- confirm ownership.
 * NOTE(review): the eviction loop is keyed on cl->vpn_ip, which was supplied
 * by the peer in BASIC_INFO.  verify_passphrase() is therefore the only
 * thing standing between a peer-chosen address and the teardown of the
 * existing connection that uses it; confirm the failure branch returns
 * before reaching the loop. */
453 int public_key_h(conn_list_t *cl)
458 if(sscanf(cl->buffer, "%*d %as", &g_n) != 1)
460 syslog(LOG_ERR, _("Got bad PUBLIC_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
461 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
466 syslog(LOG_DEBUG, _("Got PUBLIC_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
467 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
469 if(verify_passphrase(cl, g_n))
472 syslog(LOG_ERR, _("Intruder: passphrase does not match!"));
476 if(cl->status.outgoing)
482 /* Okay, before we active the connection, we check if there is another entry
483 in the connection list with the same vpn_ip. If so, it presumably is an
484 old connection that has timed out but we don't know it yet. Because our
485 conn_list entry is not active, lookup_conn will skip ourself. */
487 while(old=lookup_conn(cl->vpn_ip))
488 terminate_connection(old);
490 cl->status.active = 1;
491 notify_others(cl, NULL, send_add_host);
/* ack_h -- handle an incoming ACK: log it, mark the connection active and
 * log the activation at LOG_NOTICE. */
498 int ack_h(conn_list_t *cl)
502 syslog(LOG_DEBUG, _("Got ACK from " IP_ADDR_S " (" IP_ADDR_S ")"),
503 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
/* NOTE(review): status.active is what every post-handshake handler in this
 * file tests before trusting a request.  No check is visible here that the
 * passphrase / public-key exchange has completed, or that we initiated the
 * connection, before the flag is set -- confirm that the dispatcher or an
 * elided line enforces the handshake order. */
505 cl->status.active = 1;
506 syslog(LOG_NOTICE, _("Connection with " IP_ADDR_S " (" IP_ADDR_S ") activated"),
507 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
/* termreq_h -- handle an incoming TERMREQ on connection cl.
 * Logs an "unauthorized" error when cl is not active (the rejection path is
 * elided in this listing); otherwise sets status.termreq, clears
 * status.active and calls terminate_connection(cl). */
512 int termreq_h(conn_list_t *cl)
515 if(!cl->status.active)
517 syslog(LOG_ERR, _("Got unauthorized TERMREQ from " IP_ADDR_S " (" IP_ADDR_S ")"),
518 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
523 syslog(LOG_DEBUG, _("Got TERMREQ from " IP_ADDR_S " (" IP_ADDR_S ")"),
524 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
526 cl->status.termreq = 1;
527 cl->status.active = 0;
/* NOTE(review): status.active was cleared on the line above, so this test
 * can never be true and the DEL_HOST notification is unreachable.  If the
 * other peers are meant to learn about the termination here, the flag has
 * to be tested (or saved) before it is cleared -- first confirm whether
 * terminate_connection() already sends that notification. */
529 if(cl->status.active)
530 notify_others(cl, NULL, send_del_host);
532 terminate_connection(cl);
/* timeout_h -- handle an incoming TIMEOUT request.
 * Logs an "unauthorized" error when cl is not active; otherwise sets
 * status.termreq and calls terminate_connection(cl).  Unlike termreq_h(),
 * status.active is left untouched in the lines visible here. */
537 int timeout_h(conn_list_t *cl)
540 if(!cl->status.active)
542 syslog(LOG_ERR, _("Got unauthorized TIMEOUT from " IP_ADDR_S " (" IP_ADDR_S ")"),
543 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
548 syslog(LOG_DEBUG, _("Got TIMEOUT from " IP_ADDR_S " (" IP_ADDR_S ")"),
549 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
551 cl->status.termreq = 1;
552 terminate_connection(cl);
/* del_host_h -- handle an incoming DEL_HOST request.
 * Requires cl to be active, parses the vpn_ip being removed, looks it up,
 * forwards the DEL_HOST to the other peers and terminates the named entry.
 *
 * NOTE(review): the entry to delete is chosen purely by the vpn_ip in the
 * message.  add_host_h() checks fw->nexthop == cl before acting on an
 * existing entry; no equivalent check is visible here, so any active peer
 * appears able to remove a host it is not the route for.  Consider
 * requiring fw->nexthop == cl before terminating.
 * NOTE(review): "%lx" stores an unsigned long -- confirm vpn_ip's type. */
557 int del_host_h(conn_list_t *cl)
562 if(!cl->status.active)
564 syslog(LOG_ERR, _("Got unauthorized DEL_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
565 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
569 if(sscanf(cl->buffer, "%*d %lx", &vpn_ip) != 1)
571 syslog(LOG_ERR, _("Got bad DEL_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
572 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
577 syslog(LOG_DEBUG, _("Got DEL_HOST for " IP_ADDR_S " from " IP_ADDR_S " (" IP_ADDR_S ")"),
578 IP_ADDR_V(vpn_ip), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
580 if(!(fw = lookup_conn(vpn_ip)))
582 syslog(LOG_ERR, _("Got DEL_HOST for " IP_ADDR_S " from " IP_ADDR_S " (" IP_ADDR_S ") which does not exist?"),
583 IP_ADDR_V(vpn_ip), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
587 notify_others(cl, fw, send_del_host);
589 fw->status.termreq = 1;
590 terminate_connection(fw);
/* ping_h -- handle an incoming PING.
 * Logs an "unauthorized" error when cl is not active; otherwise clears
 * status.pinged and sets status.got_pong, i.e. an incoming PING is treated
 * as proof of life just like a PONG.  The reply itself is not visible in
 * this listing. */
595 int ping_h(conn_list_t *cl)
598 if(!cl->status.active)
600 syslog(LOG_ERR, _("Got unauthorized PING from " IP_ADDR_S " (" IP_ADDR_S ")"),
601 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
606 syslog(LOG_DEBUG, _("Got PING from " IP_ADDR_S " (" IP_ADDR_S ")"),
607 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
609 cl->status.pinged = 0;
610 cl->status.got_pong = 1;
/* pong_h -- handle an incoming PONG.
 * Logs an "unauthorized" error when cl is not active; otherwise records the
 * reply by setting status.got_pong. */
617 int pong_h(conn_list_t *cl)
620 if(!cl->status.active)
622 syslog(LOG_ERR, _("Got unauthorized PONG from " IP_ADDR_S " (" IP_ADDR_S ")"),
623 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
628 syslog(LOG_DEBUG, _("Got PONG from " IP_ADDR_S " (" IP_ADDR_S ")"),
629 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
631 cl->status.got_pong = 1;
/* add_host_h -- handle an incoming ADD_HOST request from active peer cl.
 * Parses real_ip, vpn_ip/vpn_mask, port and flags.  If the vpn_ip is
 * already known, the announcement is forwarded only when the existing
 * entry's nexthop is cl, and an "Invalid ADD_HOST" line is logged on the
 * other branch.  For an unknown vpn_ip a new conn_list entry is created
 * from the parsed values, linked in, marked active and announced to the
 * other peers.
 *
 * NOTE(review): every field of the new entry comes from the peer's message
 * and it is marked active immediately.  No validation of vpn_ip/vpn_mask is
 * visible (for example against our own address or an overlapping subnet),
 * so the routing table is only as trustworthy as each authenticated peer.
 * NOTE(review): "%lx" / "%hx" / "%d" store unsigned long / unsigned short /
 * int; the locals' declarations are elided -- confirm the types match. */
636 int add_host_h(conn_list_t *cl)
643 conn_list_t *ncn, *fw;
645 if(!cl->status.active)
647 syslog(LOG_ERR, _("Got unauthorized ADD_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
648 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
652 if(sscanf(cl->buffer, "%*d %lx %lx/%lx:%hx %d", &real_ip, &vpn_ip, &vpn_mask, &port, &flags) != 5)
654 syslog(LOG_ERR, _("Got bad ADD_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
655 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
660 syslog(LOG_DEBUG, _("Got ADD_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
661 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
664 Suggestion of Hans Bayle
666 if((fw = lookup_conn(vpn_ip)))
668 if(fw->nexthop == cl)
669 notify_others(fw, cl, send_add_host);
671 syslog(LOG_DEBUG, _("Invalid ADD_HOST from " IP_ADDR_S " (" IP_ADDR_S ")"),
672 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
676 ncn = new_conn_list();
677 ncn->real_ip = real_ip;
678 ncn->vpn_ip = vpn_ip;
679 ncn->vpn_mask = vpn_mask;
683 ncn->next = conn_list;
685 ncn->status.active = 1;
686 notify_others(ncn, cl, send_add_host);
/* req_key_h -- handle an incoming REQ_KEY request from active peer cl.
 * Parses destination `to` and origin `from`.  When `to` falls inside our
 * own subnet (compared under myself->vpn_mask) we answer with
 * send_key_answer(cl, from); otherwise the original request line is
 * forwarded unchanged to the nexthop of `to`.
 *
 * NOTE(review): `from` is taken from the message and is not compared with
 * cl, so the answer is routed to whatever origin the relaying peer states. */
691 int req_key_h(conn_list_t *cl)
697 if(!cl->status.active)
699 syslog(LOG_ERR, _("Got unauthorized REQ_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
700 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
704 if(sscanf(cl->buffer, "%*d %lx %lx", &to, &from) != 2)
706 syslog(LOG_ERR, _("Got bad REQ_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
707 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
712 syslog(LOG_DEBUG, _("Got REQ_KEY origin " IP_ADDR_S " destination " IP_ADDR_S " from " IP_ADDR_S " (" IP_ADDR_S ")"),
713 IP_ADDR_V(from), IP_ADDR_V(to), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
715 if((to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
716 { /* hey! they want something from ME! :) */
717 send_key_answer(cl, from);
721 fw = lookup_conn(to);
725 syslog(LOG_ERR, _("Attempting to forward REQ_KEY to " IP_ADDR_S ", which does not exist?"),
731 syslog(LOG_DEBUG, _("Forwarding REQ_KEY to " IP_ADDR_S " (" IP_ADDR_S ")"),
732 IP_ADDR_V(fw->nexthop->vpn_ip), IP_ADDR_V(fw->nexthop->real_ip));
/* Puts a newline back at the end of the request before relaying it
 * (presumably the reader replaced it with a terminator -- confirm).
 * NOTE(review): indexes reqlen-1, so this relies on cl->reqlen >= 1. */
734 cl->buffer[cl->reqlen-1] = '\n';
736 if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0)
738 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* set_keys -- store a peer's public key and the shared key derived from it.
 * Copies `key` into cl->public_key (allocating the holder when needed and
 * freeing a previous key string), then derives ek = make_shared_key(key)
 * and copies that into cl->key.  Both records get `expiry`.  The conditions
 * guarding the two holder allocations are elided in this listing.
 *
 * `key` is copied, not adopted: the caller keeps ownership of its buffer.
 *
 * NOTE(review): cl->public_key is sized with sizeof(*cl->key); correct only
 * if both members share a type -- sizeof(*cl->public_key) would be safer.
 * NOTE(review): ek is secret key material.  No release or wiping of ek, or
 * of a previous cl->key->key, is visible here -- confirm who frees it and
 * whether it is cleared first. */
745 void set_keys(conn_list_t *cl, int expiry, char *key)
751 cl->public_key = xmalloc(sizeof(*cl->key));
752 cl->public_key->key = NULL;
755 if(cl->public_key->key)
756 free(cl->public_key->key);
757 cl->public_key->length = strlen(key);
758 cl->public_key->expiry = expiry;
759 cl->public_key->key = xmalloc(cl->public_key->length + 1);
760 strcpy(cl->public_key->key, key);
762 ek = make_shared_key(key);
766 cl->key = xmalloc(sizeof(*cl->key));
773 cl->key->length = strlen(ek);
774 cl->key->expiry = expiry;
775 cl->key->key = xmalloc(cl->key->length + 1);
776 strcpy(cl->key->key, ek);
/* ans_key_h -- handle an incoming ANS_KEY request from active peer cl.
 * Parses destination `to`, origin `from`, expiry and the key string.  When
 * `to` is our own vpn_ip the key is installed on the conn_list entry for
 * `from` via set_keys() and that entry is flagged validkey; otherwise the
 * original request line is forwarded to the nexthop of `to`.
 *
 * NOTE(review): `key` is heap-allocated by "%as" (GNU extension).
 * set_keys() copies it, and the forwarding path never uses it, yet no free
 * is visible on any path -- each ANS_KEY would leak one string.
 * NOTE(review): the key is installed for whatever origin the message
 * names; nothing visible ties `from` to cl or authenticates the key
 * end-to-end, so a relaying peer is trusted not to substitute its own key
 * for another host's.
 * NOTE(review): expiry is a peer-supplied int stored without a range check. */
780 int ans_key_h(conn_list_t *cl)
786 conn_list_t *fw, *gk;
788 if(!cl->status.active)
790 syslog(LOG_ERR, _("Got unauthorized ANS_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
791 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
795 if(sscanf(cl->buffer, "%*d %lx %lx %d %as", &to, &from, &expiry, &key) != 4)
797 syslog(LOG_ERR, _("Got bad ANS_KEY from " IP_ADDR_S " (" IP_ADDR_S ")"),
798 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
803 syslog(LOG_DEBUG, _("Got ANS_KEY origin " IP_ADDR_S " destination " IP_ADDR_S " from " IP_ADDR_S " (" IP_ADDR_S ")"),
804 IP_ADDR_V(from), IP_ADDR_V(to), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
806 if(to == myself->vpn_ip)
807 { /* hey! that key's for ME! :) */
808 gk = lookup_conn(from);
812 syslog(LOG_ERR, _("Receiving ANS_KEY from " IP_ADDR_S ", which does not exist?"),
817 set_keys(gk, expiry, key);
818 gk->status.validkey = 1;
819 gk->status.waitingforkey = 0;
824 fw = lookup_conn(to);
828 syslog(LOG_ERR, _("Attempting to forward ANS_KEY to " IP_ADDR_S ", which does not exist?"),
834 syslog(LOG_DEBUG, _("Forwarding ANS_KEY to " IP_ADDR_S " (" IP_ADDR_S ")"),
835 IP_ADDR_V(fw->nexthop->vpn_ip), IP_ADDR_V(fw->nexthop->real_ip));
/* Puts a newline back at the end of the request before relaying it.
 * NOTE(review): indexes reqlen-1, so this relies on cl->reqlen >= 1. */
837 cl->buffer[cl->reqlen-1] = '\n';
839 if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0)
841 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* key_changed_h -- handle an incoming KEY_CHANGED request from active peer
 * cl.  Parses the origin address, looks up its conn_list entry, clears
 * validkey and waitingforkey on it so a fresh key has to be requested, and
 * passes the announcement on through notify_others().
 *
 * NOTE(review): the origin is taken from the message and is not checked
 * against cl or against the entry's nexthop, so any active peer can
 * invalidate the cached key of any known host and have that propagated. */
848 int key_changed_h(conn_list_t *cl)
853 if(!cl->status.active)
855 syslog(LOG_ERR, _("Got unauthorized KEY_CHANGED from " IP_ADDR_S " (" IP_ADDR_S ")"),
856 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
860 if(sscanf(cl->buffer, "%*d %lx", &from) != 1)
862 syslog(LOG_ERR, _("Got bad KEY_CHANGED from " IP_ADDR_S " (" IP_ADDR_S ")"),
863 IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
868 syslog(LOG_DEBUG, _("Got KEY_CHANGED origin " IP_ADDR_S " from " IP_ADDR_S " (" IP_ADDR_S ")"),
869 IP_ADDR_V(from), IP_ADDR_V(cl->vpn_ip), IP_ADDR_V(cl->real_ip));
871 ik = lookup_conn(from);
875 syslog(LOG_ERR, _("Got KEY_CHANGED from " IP_ADDR_S ", which does not exist?"),
880 ik->status.validkey = 0;
881 ik->status.waitingforkey = 0;
883 notify_others(cl, ik, send_key_changed);
/* request_handlers -- dispatch table indexed by request number (0..255).
 * Populated slots, by position in the initializer:
 *     1        ack_h
 *    30..32    termreq_h, timeout_h, del_host_h
 *    40..41    ping_h, pong_h
 *    60..63    add_host_h, basic_info_h, passphrase_h, public_key_h
 *   160..162   req_key_h, ans_key_h, key_changed_h
 * Every other slot is 0, meaning no handler.
 *
 * NOTE(review): the dispatcher is not part of this listing.  It must
 * range-check the peer-supplied request number against 256 and test the
 * slot for NULL before calling through it.
 * NOTE(review): handshake handlers (basic_info_h, passphrase_h,
 * public_key_h, ack_h) share the table with the post-authentication ones,
 * so the order of the handshake is enforced only by whatever state checks
 * each handler or the dispatcher performs. */
888 int (*request_handlers[256])(conn_list_t*) = {
889 0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
890 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
891 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
892 termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
893 ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
894 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
895 add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
896 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
897 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
898 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
899 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
900 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
901 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
902 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
903 req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
904 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
905 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
906 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
907 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
908 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0