/*
netutl.c -- some supporting network utility code
- Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
+ Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>
+ 2000-2002 Guus Sliepen <guus@sliepen.eu.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: netutl.c,v 1.12.4.1 2000/06/25 15:16:12 guus Exp $
+ $Id: netutl.c,v 1.12.4.41 2002/06/21 17:49:48 guus Exp $
*/
#include "config.h"
-#include <arpa/inet.h>
+#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
+#ifdef HAVE_INTTYPES_H
+ #include <inttypes.h>
+#endif
#include <string.h>
+#include <signal.h>
#include <sys/socket.h>
#include <syslog.h>
+#include <arpa/inet.h>
#include <utils.h>
#include <xalloc.h>
+#include "errno.h"
#include "conf.h"
-#include "encr.h"
#include "net.h"
#include "netutl.h"
#include "system.h"
+int hostnames = 0;
+
/*
- look for a connection associated with the given vpn ip,
- return its connection structure.
- Skips connections that are not activated!
+ Turn a string into a struct addrinfo.
+ Return NULL on failure.
*/
-conn_list_t *lookup_conn(ip_t ip)
+struct addrinfo *str2addrinfo(char *address, char *service, int socktype)
{
- conn_list_t *p = conn_list;
+ struct addrinfo hint, *ai;
+ int err;
cp
- /* Exact match suggested by James B. MacLean */
- for(p = conn_list; p != NULL; p = p->next)
- if((ip == p->vpn_ip) && p->status.active)
- return p;
- for(p = conn_list; p != NULL; p = p->next)
- if(((ip & p->vpn_mask) == (p->vpn_ip & p->vpn_mask)) && p->status.active)
- return p;
+ memset(&hint, 0, sizeof(hint));
+
+ hint.ai_family = addressfamily;
+ hint.ai_socktype = socktype;
+
+ if((err = getaddrinfo(address, service, &hint, &ai)))
+ {
+ if(debug_lvl >= DEBUG_ERROR)
+ syslog(LOG_WARNING, _("Error looking up %s port %s: %s\n"), address, service, gai_strerror(err));
+ cp_trace();
+ return NULL;
+ }
+
cp
- return NULL;
+ return ai;
}
-/*
- free a queue and all of its elements
-*/
-void destroy_queue(packet_queue_t *pq)
+sockaddr_t str2sockaddr(char *address, char *port)
{
- queue_element_t *p, *q;
+ struct addrinfo hint, *ai;
+ sockaddr_t result;
+ int err;
cp
- for(p = pq->head; p != NULL; p = q)
+ memset(&hint, 0, sizeof(hint));
+
+ hint.ai_family = AF_UNSPEC;
+ hint.ai_flags = AI_NUMERICHOST;
+ hint.ai_socktype = SOCK_STREAM;
+
+ if((err = getaddrinfo(address, port, &hint, &ai) || !ai))
{
- q = p->next;
- if(p->packet)
- free(p->packet);
- free(p);
+ syslog(LOG_ERR, _("Error looking up %s port %s: %s\n"), address, port, gai_strerror(err));
+ cp_trace();
+ raise(SIGFPE);
+ exit(0);
}
- free(pq);
+ result = *(sockaddr_t *)ai->ai_addr;
+ freeaddrinfo(ai);
cp
+ return result;
}
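Review bot: In str2sockaddr the closing parenthesis on the getaddrinfo line is misplaced, so `err` receives the value of `getaddrinfo(...) || !ai` (0 or 1) and gai_strerror() then prints a message unrelated to the real failure; it should read `if((err = getaddrinfo(address, port, &hint, &ai)) || !ai)`. The struct copy `result = *(sockaddr_t *)ai->ai_addr;` reads sizeof(sockaddr_t) bytes, which looks larger than the `ai_addrlen` bytes returned for an AF_INET result, since the union also has an `in6` member. Zeroing `result` and then calling `memcpy(&result, ai->ai_addr, ai->ai_addrlen);`, after checking that `ai_addrlen <= sizeof(result)`, avoids the over-read. The failure path ends in `exit(0)`, which reports success to a supervising process; a non-zero status would be more accurate here and in the same pattern in sockaddr2str and sockaddrcmp.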
-/*
- free a conn_list_t element and all its pointers
-*/
-void free_conn_element(conn_list_t *p)
+void sockaddr2str(sockaddr_t *sa, char **addrstr, char **portstr)
{
+ char address[NI_MAXHOST];
+ char port[NI_MAXSERV];
+ char *scopeid;
+ int err;
cp
- if(p->sq)
- destroy_queue(p->sq);
- if(p->rq)
- destroy_queue(p->rq);
- free_key(p->public_key);
- free_key(p->key);
- free(p);
+ if((err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof(address), port, sizeof(port), NI_NUMERICHOST|NI_NUMERICSERV)))
+ {
+ syslog(LOG_ERR, _("Error while translating addresses: %s"), gai_strerror(err));
+ cp_trace();
+ raise(SIGFPE);
+ exit(0);
+ }
+
+ if((scopeid = strchr(address, '%')))
+ *scopeid = '\0'; /* Descope. */
+
+ *addrstr = xstrdup(address);
+ *portstr = xstrdup(port);
cp
}
-/*
- remove all marked connections
-*/
-void prune_conn_list(void)
+char *sockaddr2hostname(sockaddr_t *sa)
{
- conn_list_t *p, *prev = NULL, *next = NULL;
+ char *str;
+ char address[NI_MAXHOST] = "unknown";
+ char port[NI_MAXSERV] = "unknown";
+ int err;
cp
- for(p = conn_list; p != NULL; )
+ if((err = getnameinfo(&sa->sa, SALEN(sa->sa), address, sizeof(address), port, sizeof(port), hostnames?0:(NI_NUMERICHOST|NI_NUMERICSERV))))
{
- next = p->next;
-
- if(p->status.remove)
- {
- if(prev)
- prev->next = next;
- else
- conn_list = next;
-
- free_conn_element(p);
- }
- else
- prev = p;
-
- p = next;
+ syslog(LOG_ERR, _("Error while looking up hostname: %s"), gai_strerror(err));
}
+
+ asprintf(&str, _("%s port %s"), address, port);
cp
+ return str;
}
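Review bot: The return value of asprintf() in sockaddr2hostname is ignored, and on allocation failure the contents of `str` are undefined, so the function can hand an indeterminate pointer to its caller. Test the result, e.g. `if(asprintf(&str, _("%s port %s"), address, port) < 0)`, and either abort as the other helpers do or return a string built with xstrdup. When `hostnames` is non-zero the address part comes from reverse DNS, which is controlled by whoever owns the PTR record, so callers that log or compare this string should treat it as untrusted text. A header comment such as `/* Returns a malloc'd "host port N" string; the host part may be a reverse-DNS name and is not authenticated. Caller frees. */` would record both points.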
-/*
- creates new conn_list element, and initializes it
-*/
-conn_list_t *new_conn_list(void)
+int sockaddrcmp(sockaddr_t *a, sockaddr_t *b)
{
- conn_list_t *p = xmalloc(sizeof(*p));
-cp
- /* initialise all those stupid pointers at once */
- memset(p, '\0', sizeof(*p));
- p->vpn_mask = (ip_t)(~0L); /* If this isn't done, it would be a
- wastebucket for all packets with
- unknown destination. */
- p->nexthop = p;
+ int result;
+cp
+ result = a->sa.sa_family - b->sa.sa_family;
+
+ if(result)
+ return result;
+
+ switch(a->sa.sa_family)
+ {
+ case AF_UNSPEC:
+ return 0;
+ case AF_INET:
+ result = memcmp(&a->in.sin_addr, &b->in.sin_addr, sizeof(a->in.sin_addr));
+ if(result)
+ return result;
+ return memcmp(&a->in.sin_port, &b->in.sin_port, sizeof(a->in.sin_port));
+ case AF_INET6:
+ result = memcmp(&a->in6.sin6_addr, &b->in6.sin6_addr, sizeof(a->in6.sin6_addr));
+ if(result)
+ return result;
+ return memcmp(&a->in6.sin6_port, &b->in6.sin6_port, sizeof(a->in6.sin6_port));
+ default:
+ syslog(LOG_ERR, _("sockaddrcmp() was called with unknown address family %d, exitting!"), a->sa.sa_family);
+ cp_trace();
+ raise(SIGFPE);
+ exit(0);
+ }
cp
- return p;
}
-/*
- free all elements of conn_list
-*/
-void destroy_conn_list(void)
+void sockaddrunmap(sockaddr_t *sa)
{
- conn_list_t *p, *next;
-cp
- for(p = conn_list; p != NULL; )
+ if(sa->sa.sa_family == AF_INET6 && IN6_IS_ADDR_V4MAPPED(&sa->in6.sin6_addr))
{
- next = p->next;
- free_conn_element(p);
- p = next;
+ sa->in.sin_addr.s_addr = ((uint32_t *)&sa->in6.sin6_addr)[3];
+ sa->in.sin_family = AF_INET;
}
-
- conn_list = NULL;
-cp
}
-/* Hostlookups stink. (GS)
- look up the name associated with the ip
- address `addr'
+/* Subnet mask handling */
-char *hostlookup(unsigned long addr)
+int maskcmp(void *va, void *vb, int masklen, int len)
{
- char *name;
- struct hostent *host = NULL;
- struct in_addr in;
- config_t const *cfg;
- int lookup_hostname;
+ int i, m, result;
+ char *a = va;
+ char *b = vb;
cp
- in.s_addr = addr;
+ for(m = masklen, i = 0; m >= 8; m -= 8, i++)
+ if((result = a[i] - b[i]))
+ return result;
- lookup_hostname = 0;
- if((cfg = get_config_val(resolve_dns)) != NULL)
- if(cfg->data.val == stupid_true)
- lookup_hostname = 1;
+ if(m)
+ return (a[i] & (0x100 - (1 << (8 - m)))) - (b[i] & (0x100 - (1 << (8 - m))));
- if(lookup_hostname)
- host = gethostbyaddr((char *)&in, sizeof(in), AF_INET);
+ return 0;
+}
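Review bot: maskcmp never uses `len`, and nothing checks that `masklen` fits in `len * 8` bits, so a prefix length larger than the address size makes the loop and the trailing partial-byte access read past the end of `va` and `vb`. mask, maskcpy and maskcheck further down have the same gap: when `masklen / 8 >= len` and the remainder is non-zero they touch `a[len]` or beyond, and in mask and maskcpy that access is a write. If the prefix length can come from a configuration file or from a peer (not visible in this diff), add a guard such as `if(masklen < 0 || masklen > len * 8)` at the top of each function, or validate the value where the prefix is parsed. The operands are plain `char`, so the byte differences are computed on possibly signed values; declaring them as `unsigned char *a = va;` would make the ordering well defined.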
- if(!lookup_hostname || !host)
- {
- name = xmalloc(20);
- sprintf(name, "%s", inet_ntoa(in));
- }
- else
- {
- name = xmalloc(strlen(host->h_name)+20);
- sprintf(name, "%s (%s)", host->h_name, inet_ntoa(in));
- }
-cp
- return name;
+void mask(void *va, int masklen, int len)
+{
+ int i;
+ char *a = va;
+cp
+ i = masklen / 8;
+ masklen %= 8;
+
+ if(masklen)
+ a[i++] &= (0x100 - (1 << masklen));
+
+ for(; i < len; i++)
+ a[i] = 0;
}
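Review bot: The partial-byte expression in mask(), `0x100 - (1 << masklen)`, keeps the top `8 - masklen` bits instead of the top `masklen` bits, which disagrees with maskcmp's `0x100 - (1 << (8 - m))`. For a remainder of 1 it yields 0xFE where 0x80 is expected. maskcpy uses the same expression with `m`. Both should be written as `a[i++] &= (0x100 - (1 << (8 - masklen)));` and `a[i] = b[i] & (0x100 - (1 << (8 - m)));`. As written, a subnet whose prefix is not a multiple of 8 (other than a remainder of 4) is normalised to the wrong range, so later comparisons against it may accept addresses outside the intended network.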
-*/
-/*
- Turn a string into an IP addy with netmask
- return NULL on failure
-*/
-ip_mask_t *strtoip(char *str)
+void maskcpy(void *va, void *vb, int masklen, int len)
{
- ip_mask_t *ip;
- int masker;
- char *q, *p;
- struct hostent *h;
+ int i, m;
+ char *a = va;
+ char *b = vb;
cp
- p = str;
- if((q = strchr(p, '/')))
- {
- *q = '\0';
- q++; /* q now points to netmask part, or NULL if no mask */
- }
-
- if(!(h = gethostbyname(p)))
- {
- fprintf(stderr, _("Error looking up `%s': %s\n"), p, sys_errlist[h_errno]);
- return NULL;
- }
+ for(m = masklen, i = 0; m >= 8; m -= 8, i++)
+ a[i] = b[i];
- masker = 0;
- if(q)
+ if(m)
{
- masker = strtol(q, &p, 10);
- if(q == p || (*p))
- return NULL;
+ a[i] = b[i] & (0x100 - (1 << m));
+ i++;
}
- ip = xmalloc(sizeof(*ip));
- ip->ip = ntohl(*((ip_t*)(h->h_addr_list[0])));
-
- ip->mask = masker ? ~((1 << (32 - masker)) - 1) : 0;
-cp
- return ip;
+ for(; i < len; i++)
+ a[i] = 0;
}
-void dump_conn_list(void)
+int maskcheck(void *va, int masklen, int len)
{
- conn_list_t *p;
+ int i;
+ char *a = va;
cp
- syslog(LOG_DEBUG, _("Connection list:"));
+ i = masklen / 8;
+ masklen %= 8;
- for(p = conn_list; p != NULL; p = p->next)
- {
- syslog(LOG_DEBUG, " " IP_ADDR_S "/" IP_ADDR_S ": %04x (%d|%d)",
- IP_ADDR_V(p->vpn_ip), IP_ADDR_V(p->vpn_mask), p->status,
- p->socket, p->meta_socket);
- }
-cp
+ if(masklen && a[i++] & (0xff >> masklen))
+ return -1;
+
+ for(; i < len; i++)
+ if(a[i] != 0)
+ return -2;
+
+ return 0;
}