From 18c85caac36f7236454deef11b9eba74328dbd96 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Thu, 29 Jun 2000 17:09:08 +0000 Subject: [PATCH] - New semantics for BASIC_INFO, ADD_HOST and DEL_HOST requests. This will improve connection list consistency, ensures the tree property, and allows for recovery from situations where track of connections is lost. --- po/nl.po | 148 ++++++++++++++++++++++++++++--------------------- src/net.c | 30 ++++++---- src/netutl.c | 4 +- src/protocol.c | 58 ++++++++++++++----- src/protocol.h | 3 +- src/tincd.c | 5 +- 6 files changed, 153 insertions(+), 95 deletions(-) diff --git a/po/nl.po b/po/nl.po index bcdcf0b8..7b44a4a6 100644 --- a/po/nl.po +++ b/po/nl.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: tinc 1.0pre3\n" -"POT-Creation-Date: 2000-06-29 14:53+0200\n" +"POT-Creation-Date: 2000-06-29 18:49+0200\n" "PO-Revision-Date: 2000-05-31 20:14+02:00\n" "Last-Translator: Ivo Timmermans \n" "Language-Team: Dutch \n" @@ -268,7 +268,7 @@ msgstr "Aanmaak UDP socket mislukte: %m" msgid "Connecting to %s port %d failed: %m" msgstr "Verbinding naar %s poort %d mislukt: %m" -#: src/net.c:754 src/net.c:841 src/net.c:1039 +#: src/net.c:754 src/net.c:841 src/net.c:1044 #, c-format msgid "This is a bug: %s:%d: %d:%m" msgstr "Dit is een programmeerfout: %s:%d: %d:%m" @@ -311,74 +311,74 @@ msgstr "Be msgid "Trying to re-establish outgoing connection in 5 seconds" msgstr "Poging tot herstellen van uitgaande verbinding over 5 seconden" -#: src/net.c:978 +#: src/net.c:983 #, c-format msgid "%s (%s) didn't respond to PING" msgstr "%s (%s) antwoordde niet op ping" -#: src/net.c:1009 +#: src/net.c:1014 #, c-format msgid "Accepting a new connection failed: %m" msgstr "Aanname van nieuwe verbinding is mislukt: %m" -#: src/net.c:1017 +#: src/net.c:1022 msgid "Closed attempted connection" msgstr "Aangenomen verbinding verbroken" -#: src/net.c:1044 +#: src/net.c:1049 #, c-format msgid "Metadata socket error: %s" msgstr "Fout op socket voor metaverkeer: %s" -#: src/net.c:1050 +#: src/net.c:1055 msgid "Metadata read buffer overflow!" msgstr "Metadata ontvangstbuffer overloop!" -#: src/net.c:1060 +#: src/net.c:1065 #, c-format msgid "Metadata socket read error: %m" msgstr "Fout op socket voor metaverkeer tijdens lezen: %m" -#: src/net.c:1084 +#: src/net.c:1089 #, c-format msgid "Got request from %s (%s): %s" msgstr "Ontving verzoek van %s (%s): %s" -#: src/net.c:1090 +#: src/net.c:1095 #, c-format msgid "Unknown request from %s (%s)" msgstr "Onbekend verzoek van %s (%s)" -#: src/net.c:1097 +#: src/net.c:1102 #, c-format msgid "Error while processing request from %s (%s)" msgstr "Fout tijdens afhandelen van verzoek van %s (%s)" -#: src/net.c:1104 +#: src/net.c:1109 #, c-format msgid "Bogus data received from %s (%s)" msgstr "Onzinnige data ontvangen van %s (%s)" -#: src/net.c:1149 +#: src/net.c:1154 #, c-format -msgid "Outgoing data socket error: %s" -msgstr "Fout op socket voor uitgaand verkeer: %s" +msgid "Outgoing data socket error for %s (%s): %s" +msgstr "Fout op socket voor uitgaand verkeer voor %s (%s): %s" -#: src/net.c:1184 +#: src/net.c:1190 #, c-format msgid "Error while reading from tapdevice: %m" msgstr "Fout tijdens lezen van tap-apparaatbestand tijdens lezen: %m" -#: src/net.c:1194 +#: src/net.c:1200 #, c-format msgid "Non-IP ethernet frame %04x from " msgstr "Niet-IP ethernet pakket %04x van " -#: src/net.c:1202 +#: src/net.c:1208 msgid "Dropping short packet" msgstr "Te kort pakket genegeerd" -#: src/net.c:1241 +#: src/net.c:1247 #, c-format msgid "Error while waiting for input: %m" msgstr "Fout tijdens wachten op invoer: %m" @@ -396,7 +396,8 @@ msgstr "Verbindingslijst:" #, c-format msgid "" "%s netmask %d.%d.%d.%d at %s port %hd flags %d sockets %d, %d status %04x" -msgstr "%s netmask %d.%d.%d.%d op %s vlaggen %hd sockets %d, %d status %04x" +msgstr "" +"%s netmask %d.%d.%d.%d op %s poort %hd vlaggen %hd sockets %d, %d status %04x" #: src/protocol.c:54 #, c-format @@ -416,7 +417,7 @@ msgstr "Verzending TERMREQ naar %s (%s)" #: src/protocol.c:80 src/protocol.c:98 src/protocol.c:116 src/protocol.c:134 #: src/protocol.c:152 src/protocol.c:191 src/protocol.c:209 src/protocol.c:237 #: src/protocol.c:258 src/protocol.c:276 src/protocol.c:319 src/protocol.c:349 -#: src/protocol.c:747 src/protocol.c:850 +#: src/protocol.c:779 src/protocol.c:882 #, c-format msgid "Send failed: %s:%d: %m" msgstr "Verzenden mislukte: %s:%d: %m" @@ -501,188 +502,211 @@ msgstr "Kreeg ongeldige BASIC_INFO van %s" msgid "Peer uses incompatible protocol version %d" msgstr "De ander gebruikt een niet-compatibel protocol versie %d" -#: src/protocol.c:437 +#: src/protocol.c:430 +#, c-format +msgid "Uplink %s (%s) is already in our connection list, aborting connect" +msgstr "" + +#: src/protocol.c:450 #, c-format msgid "Got bad PASSPHRASE from %s (%s)" msgstr "Kreeg ongeldige PASSPHRASE van %s (%s)" -#: src/protocol.c:444 +#: src/protocol.c:457 #, c-format msgid "Got PASSPHRASE from %s (%s)" msgstr "Kreeg PASSPHRASE van %s (%s)" -#: src/protocol.c:462 +#: src/protocol.c:475 #, c-format msgid "Got bad PUBLIC_KEY from %s (%s)" msgstr "Kreeg ongeldige PUBLIC_KEY van %s (%s)" -#: src/protocol.c:468 +#: src/protocol.c:481 #, c-format msgid "Got PUBLIC_KEY from %s (%s)" msgstr "Kreeg PUBLIC_KEY van %s (%s)" #. intruder! -#: src/protocol.c:474 -msgid "Intruder: passphrase does not match!" -msgstr "Indringer: wachwoord komt niet overeen!" +#: src/protocol.c:487 +#, c-format +msgid "Intruder from %s: passphrase for %s does not match!" +msgstr "Indringer van %s: wachwoord voor %s komt niet overeen!" -#: src/protocol.c:495 src/protocol.c:514 +#: src/protocol.c:505 +#, c-format +msgid "Removing old entry for %s at %s in favour of new connection from %s" +msgstr "" +"Verwijdering oude verbinding voor %s op %s in voordeel van nieuwe verbinding " +"van %s" + +#: src/protocol.c:514 src/protocol.c:533 #, c-format msgid "Connection with %s (%s) activated" msgstr "Verbinding met %s (%s) geactiveerd" -#: src/protocol.c:509 +#: src/protocol.c:528 #, c-format msgid "Got ACK from %s (%s)" msgstr "Kreeg ACK van %s (%s)" -#: src/protocol.c:530 +#: src/protocol.c:549 #, c-format msgid "Got unauthorized TERMREQ from %s (%s)" msgstr "Kreeg niet-geautoriseerde TERMREQ van %s (%s)" -#: src/protocol.c:536 +#: src/protocol.c:555 #, c-format msgid "Got TERMREQ from %s (%s)" msgstr "Kreeg TERMREQ van %s (%s)" -#: src/protocol.c:556 +#: src/protocol.c:570 #, c-format msgid "Got unauthorized TIMEOUT from %s (%s)" msgstr "Kreeg niet-geautoriseerde TIMEOUT van %s (%s)" -#: src/protocol.c:562 +#: src/protocol.c:576 #, c-format msgid "Got TIMEOUT from %s (%s)" msgstr "Kreeg TIMEOUT van %s (%s)" -#: src/protocol.c:578 +#: src/protocol.c:592 #, c-format msgid "Got unauthorized DEL_HOST from %s (%s)" msgstr "Kreeg niet-geautoriseerde DEL_HOST van %s (%s)" -#: src/protocol.c:585 +#: src/protocol.c:599 #, c-format msgid "Got bad DEL_HOST from %s (%s)" msgstr "Kreeg ongeldige DEL_HOST van %s (%s)" -#: src/protocol.c:592 +#: src/protocol.c:606 #, c-format msgid "Got DEL_HOST for %d.%d.%d.%d from %s (%s) which does not exist?" msgstr "Kreeg DEL_HOST voor %d.%d.%d.%d van %s (%s), die niet bestaat?" -#: src/protocol.c:598 +#: src/protocol.c:612 #, c-format msgid "Got DEL_HOST for %s (%s) from %s (%s)" msgstr "Kreeg DEL_HOST voor %s (%s) van %s (%s)" -#: src/protocol.c:616 +#: src/protocol.c:630 #, c-format msgid "Got unauthorized PING from %s (%s)" msgstr "Kreeg niet-geautoriseerde PING van %s (%s)" -#: src/protocol.c:622 +#: src/protocol.c:636 #, c-format msgid "Got PING from %s (%s)" msgstr "Kreeg PING van %s (%s)" -#: src/protocol.c:638 +#: src/protocol.c:652 #, c-format msgid "Got unauthorized PONG from %s (%s)" msgstr "Kreeg niet-geautoriseerde PONG van %s (%s)" -#: src/protocol.c:644 +#: src/protocol.c:658 #, c-format msgid "Got PONG from %s (%s)" msgstr "Kreeg PONG van %s (%s)" -#: src/protocol.c:663 +#: src/protocol.c:677 #, c-format msgid "Got unauthorized ADD_HOST from %s (%s)" msgstr "Kreeg niet-geautoriseerde ADD_HOST van %s (%s)" -#: src/protocol.c:670 +#: src/protocol.c:684 #, c-format msgid "Got bad ADD_HOST from %s (%s)" msgstr "Kreeg ongeldige ADD_HOST van %s (%s)" -#: src/protocol.c:692 +#: src/protocol.c:694 +#, c-format +msgid "Got duplicate ADD_HOST for %s (%s) from %s (%s)" +msgstr "Kreeg een tweede ADD_HOST voor %s (%s) van %s (%s)" + +#: src/protocol.c:701 +#, c-format +msgid "Removing old entry for %s (%s)" +msgstr "Verwijdering oude verbinding voor %s (%s)" + +#: src/protocol.c:722 #, c-format msgid "Got ADD_HOST for %s (%s) from %s (%s)" msgstr "Kreeg ADD_HOST voor %s (%s) van %s (%s)" -#: src/protocol.c:708 +#: src/protocol.c:740 #, c-format msgid "Got unauthorized REQ_KEY from %s (%s)" msgstr "Kreeg niet-geautoriseerde REQ_KEY van %s (%s)" -#: src/protocol.c:715 +#: src/protocol.c:747 #, c-format msgid "Got bad REQ_KEY from %s (%s)" msgstr "Kreeg ongeldige REQ_KEY van %s (%s)" -#: src/protocol.c:721 +#: src/protocol.c:753 #, c-format msgid "Got REQ_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)" msgstr "Kreeg REQ_KEY herkmonst %d.%d.%d.%d bestemming %d.%d.%d.%d van %s (%s)" -#: src/protocol.c:734 +#: src/protocol.c:766 #, c-format msgid "Attempting to forward REQ_KEY to %d.%d.%d.%d, which does not exist?" msgstr "Poging tot doorsturen REQ_KEY naar %d.%d.%d.%d, die niet bestaat?" -#: src/protocol.c:740 +#: src/protocol.c:772 #, c-format msgid "Forwarding REQ_KEY to %s (%s)" msgstr "Doorsturen REQ_KEY naar %s (%s)" -#: src/protocol.c:799 +#: src/protocol.c:831 #, c-format msgid "Got unauthorized ANS_KEY from %s (%s)" msgstr "Kreeg niet-geautoriseerde ANS_KEY van %s (%s)" -#: src/protocol.c:806 +#: src/protocol.c:838 #, c-format msgid "Got bad ANS_KEY from %s (%s)" msgstr "Kreeg ongeldige ANS_KEY van %s (%s)" -#: src/protocol.c:812 +#: src/protocol.c:844 #, c-format msgid "Got ANS_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)" msgstr "Kreeg ANS_KEY herkomst %d.%d.%d.%d bestemming %d.%d.%d.%d van %s (%s)" -#: src/protocol.c:821 +#: src/protocol.c:853 #, c-format msgid "" "Receiving ANS_KEY origin %d.%d.%d.%d from %s (%s), which does not exist?" msgstr "Kreeg ANS_KEY herkomst %d.%d.%d.%d van %s (%s), die niet bestaat?" -#: src/protocol.c:837 +#: src/protocol.c:869 #, c-format msgid "Attempting to forward ANS_KEY to %d.%d.%d.%d, which does not exist?" msgstr "Poging tot doorsturen ANS_KEY naar %d.%d.%d.%d, die niet besttaat?" -#: src/protocol.c:843 +#: src/protocol.c:875 #, c-format msgid "Forwarding ANS_KEY to %s (%s)" msgstr "Doorsturen ANS_KEY naar %s (%s)" -#: src/protocol.c:864 +#: src/protocol.c:896 #, c-format msgid "Got unauthorized KEY_CHANGED from %s (%s)" msgstr "Kreeg niet-geautoriseerde KEY_CHANGED van %s (%s)" -#: src/protocol.c:871 +#: src/protocol.c:903 #, c-format msgid "Got bad KEY_CHANGED from %s (%s)" msgstr "Kreeg ongeldige KEY_CHANGED van %s (%s)" -#: src/protocol.c:880 +#: src/protocol.c:912 #, c-format msgid "Got KEY_CHANGED origin %d.%d.%d.%d from %s (%s), which does not exist?" msgstr "Kreeg KEY_CHANGED herkomst %d.%d.%d.%d van %s (%s), die niet bestaat?" -#: src/protocol.c:886 +#: src/protocol.c:918 #, c-format msgid "Got KEY_CHANGED origin %s from %s (%s)" msgstr "Kreeg KEY_CHANGED herkomst %s van %s (%s)" @@ -862,7 +886,3 @@ msgstr "Kreeg onverwacht signaal %d na %s regel %d" #, c-format msgid "Got unexpected signal %d" msgstr "Kreeg onverwacht signaal %d" - -#: src/tincd.c:493 -msgid "Got SIGCHLD: exitting immediately" -msgstr "Kreeg SIGCHLD: directe beƫindiging" diff --git a/src/net.c b/src/net.c index af9077c8..ce60eeac 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.13 2000/06/29 13:04:14 guus Exp $ + $Id: net.c,v 1.35.4.14 2000/06/29 17:09:05 guus Exp $ */ #include "config.h" @@ -921,32 +921,37 @@ cp cl->status.remove = 1; - /* If this cl isn't active, don't send any DEL_HOSTs and don't bother - checking for other lost connections. */ + /* If this cl isn't active, don't send any DEL_HOSTs. */ if(!cl->status.active) return; cl->status.active = 0; - + notify_others(cl,NULL,send_del_host); + cp /* Find all connections that were lost because they were behind cl (the connection that was dropped). */ - for(p = conn_list; p != NULL; p = p->next) - if(p->nexthop == cl) + if(cl->status.meta) + for(p = conn_list; p != NULL; p = p->next) { - p->status.active = 0; - p->status.remove = 1; + if(p->nexthop == cl) + { + if(p->status.active) + notify_others(p,cl,send_del_host); + p->status.active = 0; + p->status.remove = 1; + } } - + cp /* Then send a notification about all these connections to all hosts - that are still connected to us. */ + that are still connected to us. for(p = conn_list; p != NULL; p = p->next) if(p->status.active && p->status.meta) for(q = conn_list; q != NULL; q = q->next) if(q->status.remove) send_del_host(p, q); - + */ cp } @@ -1146,7 +1151,8 @@ cp I've once got here when it said `No route to host'. */ getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l); - syslog(LOG_ERR, _("Outgoing data socket error: %s"), sys_errlist[x]); + syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"), + p->vpn_hostname, p->real_hostname, sys_errlist[x]); terminate_connection(p); return; } diff --git a/src/netutl.c b/src/netutl.c index fda9abdc..f57266c3 100644 --- a/src/netutl.c +++ b/src/netutl.c @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: netutl.c,v 1.12.4.5 2000/06/29 13:04:15 guus Exp $ + $Id: netutl.c,v 1.12.4.6 2000/06/29 17:09:06 guus Exp $ */ #include "config.h" @@ -192,7 +192,7 @@ cp } else { - name = xmalloc(strlen(host->h_name)); + name = xmalloc(strlen(host->h_name)+1); sprintf(name, "%s", host->h_name); } cp diff --git a/src/protocol.c b/src/protocol.c index 6740cb0d..13593602 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.15 2000/06/29 13:04:15 guus Exp $ + $Id: protocol.c,v 1.28.4.16 2000/06/29 17:09:06 guus Exp $ */ #include "config.h" @@ -419,6 +419,19 @@ cp } else { + /* First check if the host we connected to is already in our + connection list. If so, we are probably making a loop, which + is not desirable. It should not happen though. + */ + + if(lookup_conn(cl->vpn_ip)) + { + if(debug_lvl>0) + syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list, aborting connect"), + cl->vpn_hostname, cl->real_hostname); + return -1; + } + if(setup_vpn_connection(cl) < 0) return -1; send_passphrase(cl); @@ -471,7 +484,8 @@ cp if(verify_passphrase(cl, g_n)) { /* intruder! */ - syslog(LOG_ERR, _("Intruder: passphrase does not match!")); + syslog(LOG_ERR, _("Intruder from %s: passphrase for %s does not match!"), + cl->real_hostname, cl->vpn_hostname); return -1; } @@ -483,12 +497,17 @@ cp /* Okay, before we active the connection, we check if there is another entry in the connection list with the same vpn_ip. If so, it presumably is an - old connection that has timed out but we don't know it yet. Because our - conn_list entry is not active, lookup_conn will skip ourself. */ + old connection that has timed out but we don't know it yet. + */ while(old = lookup_conn(cl->vpn_ip)) - terminate_connection(old); - + { + syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"), + cl->vpn_hostname, old->real_hostname, cl->real_hostname); + old->status.active = 0; + terminate_connection(old); + } + cl->status.active = 1; if(debug_lvl > 0) @@ -538,11 +557,6 @@ cp cl->status.termreq = 1; - if(cl->status.active) - notify_others(cl, NULL, send_del_host); - - cl->status.active = 0; - terminate_connection(cl); cp return 0; @@ -672,8 +686,24 @@ cp return -1; } - while(old = lookup_conn(vpn_ip)) - terminate_connection(old); + if(old = lookup_conn(vpn_ip)) + { + if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port)) + { + if(debug_lvl>1) + syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"), + old->vpn_hostname, old->real_hostname, cl->vpn_hostname, cl->real_hostname); + goto skip_add_host; /* One goto a day keeps the deeply nested if constructions away. */ + } + else + { + if(debug_lvl>1) + syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"), + old->vpn_hostname, old->real_hostname); + old->status.active = 0; + terminate_connection(old); + } + } ncn = new_conn_list(); ncn->real_ip = real_ip; @@ -692,6 +722,8 @@ cp syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"), ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname); +skip_add_host: + notify_others(ncn, cl, send_add_host); cp return 0; diff --git a/src/protocol.h b/src/protocol.h index c9137d69..110dde8a 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.h,v 1.5.4.2 2000/06/25 15:22:16 guus Exp $ + $Id: protocol.h,v 1.5.4.3 2000/06/29 17:09:08 guus Exp $ */ #ifndef __TINC_PROTOCOL_H__ @@ -72,6 +72,7 @@ extern int send_termreq(conn_list_t *); extern int send_timeout(conn_list_t *); extern int send_key_request(ip_t); extern void send_key_changed_all(void); +extern int send_del_host(conn_list_t *, conn_list_t *); #endif /* __TINC_PROTOCOL_H__ */ diff --git a/src/tincd.c b/src/tincd.c index e4549ecb..5aafb965 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: tincd.c,v 1.10.4.3 2000/06/28 14:34:40 guus Exp $ + $Id: tincd.c,v 1.10.4.4 2000/06/29 17:09:08 guus Exp $ */ #include "config.h" @@ -485,11 +485,10 @@ setup_signals(void) signal(SIGINT, sigint_handler); signal(SIGUSR1, sigusr1_handler); signal(SIGUSR2, sigusr2_handler); - signal(SIGCHLD, parent_exit); +// signal(SIGCHLD, parent_exit); } RETSIGTYPE parent_exit(int a) { - syslog(LOG_NOTICE, _("Got SIGCHLD: exitting immediately")); exit(0); } -- 2.39.5