#include <openssl/err.h>
#include <openssl/evp.h>
-#include "avl_tree.h"
+#include "splay_tree.h"
#include "conf.h"
#include "connection.h"
+#include "control.h"
#include "device.h"
#include "graph.h"
#include "logger.h"
char *myport;
static struct event device_ev;
-bool read_rsa_public_key(connection_t *c)
-{
+bool read_rsa_public_key(connection_t *c) {
FILE *fp;
char *fname;
char *key;
return false;
}
-bool read_rsa_private_key(void)
-{
+bool read_rsa_private_key(void) {
FILE *fp;
char *fname, *key, *pubkey;
struct stat s;
return true;
}
+static struct event keyexpire_event;
+
+static void keyexpire_handler(int fd, short events, void *data) {
+ regenerate_key();
+}
+
+void regenerate_key() {
+ RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
+
+ if(timeout_initialized(&keyexpire_event)) {
+ ifdebug(STATUS) logger(LOG_INFO, _("Regenerating symmetric key"));
+ event_del(&keyexpire_event);
+ send_key_changed(broadcast, myself);
+ } else {
+ timeout_set(&keyexpire_event, keyexpire_handler, NULL);
+ }
+
+ event_add(&keyexpire_event, &(struct timeval){keylifetime, 0});
+
+ if(myself->cipher) {
+ EVP_CIPHER_CTX_init(&packet_ctx);
+ if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len)) {
+ logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
+ myself->name, myself->hostname, ERR_error_string(ERR_get_error(), NULL));
+ abort();
+ }
+
+ }
+}
+
/*
Configure node_t myself and set up the local sockets (listen only)
*/
-bool setup_myself(void)
-{
+bool setup_myself(void) {
config_t *cfg;
subnet_t *subnet;
char *name, *hostname, *mode, *afname, *cipher, *digest;
myself->connection->outcipher = EVP_bf_ofb();
myself->key = xmalloc(myself->keylength);
- RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength);
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
- keyexpires = now + keylifetime;
-
- if(myself->cipher) {
- EVP_CIPHER_CTX_init(&packet_ctx);
- if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len)) {
- logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"),
- myself->name, myself->hostname, ERR_error_string(ERR_get_error(), NULL));
- return false;
- }
-
- }
-
+ regenerate_key();
/* Check if we want to use message authentication codes... */
if(get_config_string
EV_READ|EV_PERSIST,
handle_new_meta_connection, NULL);
if(event_add(&listen_socket[listen_sockets].ev_tcp, NULL) < 0) {
- logger(LOG_WARNING, _("event_add failed: %s"), strerror(errno));
- close(listen_socket[listen_sockets].tcp);
- close(listen_socket[listen_sockets].udp);
- continue;
+ logger(LOG_EMERG, _("event_add failed: %s"), strerror(errno));
+ abort();
}
event_set(&listen_socket[listen_sockets].ev_udp,
EV_READ|EV_PERSIST,
handle_incoming_vpn_data, NULL);
if(event_add(&listen_socket[listen_sockets].ev_udp, NULL) < 0) {
- logger(LOG_WARNING, _("event_add failed: %s"), strerror(errno));
- close(listen_socket[listen_sockets].tcp);
- close(listen_socket[listen_sockets].udp);
- event_del(&listen_socket[listen_sockets].ev_tcp);
- continue;
+ logger(LOG_EMERG, _("event_add failed: %s"), strerror(errno));
+ abort();
}
ifdebug(CONNECTIONS) {
/*
setup all initial network connections
*/
-bool setup_network_connections(void)
-{
+bool setup_network_connections(void) {
cp();
- now = time(NULL);
-
init_connections();
init_subnets();
init_nodes();
/*
close all open network connections
*/
-void close_network_connections(void)
-{
- avl_node_t *node, *next;
+void close_network_connections(void) {
+ splay_node_t *node, *next;
connection_t *c;
char *envp[5];
int i;
projects / meshlink / blobdiff