From 9c2f805255fa36b05e8fe9391f639581d938b653 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 24 Oct 2000 15:46:18 +0000 Subject: [PATCH] - Lots of little stuff modified - Succesfully reads in subnets from host config file now and adds them to the list. --- src/conf.c | 19 ++---------- src/conf.h | 10 +++--- src/connlist.c | 14 ++++++++- src/meta.c | 14 +++++---- src/net.c | 84 ++++++++++++++++++++++++++++---------------------- src/netutl.c | 4 +-- src/protocol.c | 3 +- src/subnet.c | 66 ++++++++++++++++++++++++++++++--------- 8 files changed, 130 insertions(+), 84 deletions(-) diff --git a/src/conf.c b/src/conf.c index 641ce3f8..1536b583 100644 --- a/src/conf.c +++ b/src/conf.c @@ -19,7 +19,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: conf.c,v 1.9.4.16 2000/10/22 13:47:41 zarq Exp $ + $Id: conf.c,v 1.9.4.17 2000/10/24 15:46:15 guus Exp $ */ @@ -69,7 +69,7 @@ static internal_config_t hazahaza[] = { { "Address", address, TYPE_NAME }, { "Port", port, TYPE_INT }, { "PublicKey", publickey, TYPE_NAME }, - { "Subnet", subnet, TYPE_NAME }, + { "Subnet", subnet, TYPE_IP }, /* Use IPv4 subnets only for now */ { "RestrictHosts", restricthosts, TYPE_BOOL }, { "RestrictSubnets", restrictsubnets, TYPE_BOOL }, { "RestrictAddress", restrictaddress, TYPE_BOOL }, @@ -237,21 +237,6 @@ cp return p; } -/* - Support for multiple config lines. - Index is used to get a specific value, 0 being the first, 1 the second etc. -*/ -const config_t *get_next_config_val(config_t *p, which_t type, int index) -{ -cp - for(; p != NULL; p = p->next) - if(p->which == type) - if(--index < 0) - break; -cp - return p; -} - /* Remove the complete configuration tree. */ diff --git a/src/conf.h b/src/conf.h index 15170576..c1db544e 100644 --- a/src/conf.h +++ b/src/conf.h @@ -17,17 +17,19 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: conf.h,v 1.6.4.13 2000/10/15 00:59:34 guus Exp $ + $Id: conf.h,v 1.6.4.14 2000/10/24 15:46:16 guus Exp $ */ #ifndef __TINC_CONF_H__ #define __TINC_CONF_H__ +#include "net.h" + #define MAXTIMEOUT 900 /* Maximum timeout value for retries. Should this be a configuration option? */ typedef struct ip_mask_t { - unsigned long ip; - unsigned long mask; + ipv4_t address; + ipv4_t mask; } ip_mask_t; typedef enum which_t { @@ -86,7 +88,6 @@ enum { extern config_t *config; extern int debug_lvl; extern int timeout; -extern int upstreamindex; extern int sighup; extern char *confbase; extern char *netname; @@ -94,7 +95,6 @@ extern char *netname; extern config_t *add_config_val(config_t **, int, char *); extern int read_config_file(config_t **, const char *); extern const config_t *get_config_val(config_t *, which_t type); -extern const config_t *get_next_config_val(config_t *, which_t type, int); extern void clear_config(); extern int read_server_config(void); diff --git a/src/connlist.c b/src/connlist.c index 9da2d6d1..b3bb3c46 100644 --- a/src/connlist.c +++ b/src/connlist.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: connlist.c,v 1.1.2.7 2000/10/20 15:34:34 guus Exp $ + $Id: connlist.c,v 1.1.2.8 2000/10/24 15:46:16 guus Exp $ */ #include @@ -196,11 +196,23 @@ void dump_conn_list(void) cp syslog(LOG_DEBUG, _("Connection list:")); + syslog(LOG_DEBUG, _("%s at %s port %hd flags %d sockets %d, %d status %04x"), + myself->name, myself->hostname, myself->port, myself->flags, + myself->socket, myself->meta_socket, myself->status); + + for(s = myself->subnets; s != NULL; s = s->next) + { + netstr = net2str(s); + syslog(LOG_DEBUG, ": %s", netstr); + free(netstr); + } + for(p = conn_list; p != NULL; p = p->next) { syslog(LOG_DEBUG, _("%s at %s port %hd flags %d sockets %d, %d status %04x"), p->name, p->hostname, p->port, p->flags, p->socket, p->meta_socket, p->status); + for(s = p->subnets; s != NULL; s = s->next) { netstr = net2str(s); diff --git a/src/meta.c b/src/meta.c index 31a387a0..bc9d0b52 100644 --- a/src/meta.c +++ b/src/meta.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: meta.c,v 1.1.2.5 2000/10/21 11:52:06 guus Exp $ + $Id: meta.c,v 1.1.2.6 2000/10/24 15:46:16 guus Exp $ */ #include "config.h" @@ -43,13 +43,14 @@ cp cl->name, cl->hostname, buffer); buffer[length-1]='\n'; - +/* if(cl->status.encryptout) { EVP_EncryptUpdate(cl->cipher_outctx, outbuf, &outlen, buffer, length); bufp = outbuf; } else +*/ bufp = buffer; if(write(cl->meta_socket, bufp, length) < 0) @@ -92,10 +93,11 @@ cp cl->name, cl->hostname, strerror(x)); return -1; } - +/* if(cl->status.decryptin) bufp = inbuf; else +*/ bufp = cl->buffer + cl->buflen; lenin = read(cl->meta_socket, bufp, MAXBUFSIZE - cl->buflen); @@ -115,12 +117,12 @@ cp cl->name, cl->hostname); return -1; } - +/* if(cl->status.decryptin) { EVP_DecryptUpdate(cl->cipher_inctx, cl->buffer + cl->buflen, NULL, inbuf, lenin); } - +*/ oldlen = cl->buflen; cl->buflen += lenin; @@ -140,7 +142,7 @@ cp if(cl->reqlen) { - if(debug_lvl >= DEBUG_PROTOCOL) + if(debug_lvl >= DEBUG_META) syslog(LOG_DEBUG, _("Got request from %s (%s): %s"), cl->name, cl->hostname, cl->buffer); diff --git a/src/net.c b/src/net.c index 47c185d4..ae6fbed8 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.44 2000/10/22 13:37:15 zarq Exp $ + $Id: net.c,v 1.35.4.45 2000/10/24 15:46:16 guus Exp $ */ #include "config.h" @@ -62,7 +62,7 @@ int total_tap_out = 0; int total_socket_in = 0; int total_socket_out = 0; -int upstreamindex = 0; +config_t *upstreamcfg; static int seconds_till_retry; char *unknown = NULL; @@ -127,19 +127,16 @@ int xrecv(vpn_packet_t *inpkt) vpn_packet_t outpkt; int outlen, outpad; cp - if(debug_lvl > DEBUG_TRAFFIC) - syslog(LOG_ERR, _("Receiving packet of %d bytes"), - inpkt->len); - outpkt.len = inpkt->len; EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, NULL); EVP_DecryptUpdate(myself->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len); - /* FIXME: grok DecryptFinal EVP_DecryptFinal(myself->cipher_pktctx, outpkt.data + outlen, &outpad); - */ + outlen += outpad; + /* FIXME sometime add_mac_addresses(&outpkt); - + */ + if(write(tap_fd, outpkt.data, outpkt.len) < 0) syslog(LOG_ERR, _("Can't write to tap device: %m")); else @@ -438,7 +435,7 @@ cp a.sin_port = htons(port); if((cfg = get_config_val(config, interfaceip))) - a.sin_addr.s_addr = htonl(cfg->data.ip->ip); + a.sin_addr.s_addr = htonl(cfg->data.ip->address); else a.sin_addr.s_addr = htonl(INADDR_ANY); @@ -620,11 +617,13 @@ cp } /* - set up the local sockets (listen only) + Configure conn_list_t myself and set up the local sockets (listen only) */ int setup_myself(void) { config_t const *cfg; + subnet_t *net; + int i; cp myself = new_conn_list(); @@ -693,6 +692,18 @@ cp if(cfg->data.val == stupid_true) myself->flags |= TCPONLY; +/* Read in all the subnets specified in the host configuration file */ + + for(cfg = myself->config; cfg = get_config_val(cfg, subnet); cfg = cfg->next) + { + net = new_subnet(); + net->type = SUBNET_IPV4; + net->net.ipv4.address = cfg->data.ip->address; + net->net.ipv4.mask = cfg->data.ip->mask; + + subnet_add(myself, net); + } + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket!")); @@ -718,24 +729,25 @@ sigalrm_handler(int a) { config_t const *cfg; cp - cfg = get_next_config_val(config, connectto, upstreamindex++); + cfg = get_config_val(upstreamcfg, connectto); - if(!upstreamindex && !cfg) + if(!cfg && upstreamcfg == myself->config) /* No upstream IP given, we're listen only. */ return; while(cfg) { + upstreamcfg = cfg->next; if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */ { signal(SIGALRM, SIG_IGN); return; } - cfg = get_next_config_val(config, connectto, upstreamindex++); /* Or else we try the next ConnectTo line */ + cfg = get_config_val(upstreamcfg, connectto); /* Or else we try the next ConnectTo line */ } signal(SIGALRM, sigalrm_handler); - upstreamindex = 0; + upstreamcfg = myself->config; seconds_till_retry += 5; if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */ seconds_till_retry = MAXTIMEOUT; @@ -781,19 +793,20 @@ cp free(scriptname); - if((cfg = get_next_config_val(config, connectto, upstreamindex++)) == NULL) + if(!(cfg = get_config_val(myself->config, connectto))) /* No upstream IP given, we're listen only. */ return 0; while(cfg) { + upstreamcfg = cfg->next; if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */ return 0; - cfg = get_next_config_val(config, connectto, upstreamindex++); /* Or else we try the next ConnectTo line */ + cfg = get_config_val(upstreamcfg, connectto); /* Or else we try the next ConnectTo line */ } signal(SIGALRM, sigalrm_handler); - upstreamindex = 0; + upstreamcfg = myself->config; seconds_till_retry = MAXTIMEOUT; syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry); alarm(seconds_till_retry); @@ -968,6 +981,8 @@ int handle_incoming_vpn_data() vpn_packet_t pkt; int lenin; int x, l = sizeof(x); + struct sockaddr from; + socklen_t fromlen = sizeof(from); cp if(getsockopt(myself->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0) { @@ -981,12 +996,18 @@ cp return -1; } - if(recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, NULL, NULL) <= 0) + if(recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, &from, &fromlen) <= 0) { syslog(LOG_ERR, _("Receiving packet failed: %m")); return -1; } - +/* + if(debug_lvl >= DEBUG_TRAFFIC) + { + syslog(LOG_DEBUG, _("Received packet of %d bytes from %d.%d.%d.%d"), pkt.len, + from.sa_addr[0], from.sa_addr[1], from.sa_addr[2], from.sa_addr[3]); + } +*/ cp return xrecv(&pkt); } @@ -1181,11 +1202,8 @@ cp void handle_tap_input(void) { vpn_packet_t vp; - ip_t from, to; - int ether_type, lenin; + int lenin; cp - memset(&vp, 0, sizeof(vp)); - if(taptype = 1) { if((lenin = read(tap_fd, vp.data, MTU)) <= 0) @@ -1207,25 +1225,19 @@ cp total_tap_in += lenin; - ether_type = ntohs(*((unsigned short*)(&vp.data[12]))); - if(ether_type != 0x0800) - { - if(debug_lvl >= DEBUG_TRAFFIC) - syslog(LOG_INFO, _("Non-IP ethernet frame %04x from %02x:%02x:%02x:%02x:%02x:%02x"), ether_type, MAC_ADDR_V(vp.data[6])); - return; - } - if(lenin < 32) { if(debug_lvl >= DEBUG_TRAFFIC) - syslog(LOG_INFO, _("Dropping short packet from %02x:%02x:%02x:%02x:%02x:%02x"), MAC_ADDR_V(vp.data[6])); + syslog(LOG_WARNING, _("Received short packet from tap device")); return; } - from = ntohl(*((unsigned long*)(&vp.data[26]))); - to = ntohl(*((unsigned long*)(&vp.data[30]))); + if(debug_lvl >= DEBUG_TRAFFIC) + { + syslog(LOG_DEBUG, _("Read packet of length %d from tap device"), vp.len); + } - send_packet(to, &vp); +// route_packet(&vp); cp } diff --git a/src/netutl.c b/src/netutl.c index 5f627706..ff6114c2 100644 --- a/src/netutl.c +++ b/src/netutl.c @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: netutl.c,v 1.12.4.12 2000/10/11 22:01:00 guus Exp $ + $Id: netutl.c,v 1.12.4.13 2000/10/24 15:46:17 guus Exp $ */ #include "config.h" @@ -125,7 +125,7 @@ cp } ip = xmalloc(sizeof(*ip)); - ip->ip = ntohl(*((ip_t*)(h->h_addr_list[0]))); + ip->address = ntohl(*((ip_t*)(h->h_addr_list[0]))); ip->mask = masker ? ~((1 << (32 - masker)) - 1) : 0; cp diff --git a/src/protocol.c b/src/protocol.c index b19e5725..fe0d180e 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.44 2000/10/21 11:52:07 guus Exp $ + $Id: protocol.c,v 1.28.4.45 2000/10/24 15:46:17 guus Exp $ */ #include "config.h" @@ -469,7 +469,6 @@ cp notify_others(cl, NULL, send_add_host); notify_one(cl); */ - upstreamindex = 0; cp if(cl->status.outgoing) diff --git a/src/subnet.c b/src/subnet.c index 12b78ef8..fbcfba7f 100644 --- a/src/subnet.c +++ b/src/subnet.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: subnet.c,v 1.1.2.4 2000/10/15 00:59:37 guus Exp $ + $Id: subnet.c,v 1.1.2.5 2000/10/24 15:46:18 guus Exp $ */ #include "config.h" @@ -45,13 +45,48 @@ cp void subnet_add(conn_list_t *cl, subnet_t *subnet) { + subnet_t *p = NULL; + subnet_t *q = NULL; cp - /* FIXME: do sorting on netmask size if necessary */ + subnet->owner = cl; - subnet->next = cl->subnets->next; - subnet->prev = NULL; - subnet->next->prev = subnet; - cl->subnets = subnet; + /* Sort on size of subnet mask (IPv4 only at the moment!) + + Three cases: cl->subnets = NULL -> just add this subnet + insert before first -> add it in front of list + rest: insert after another subnet + */ + + if(cl->subnets) + { + p = q = cl->subnets; + + for(; p; p = p->next) + { + if(subnet->net.ipv4.mask >= p->net.ipv4.mask) + break; + + q = p; + } + } + + if(!cl->subnets || p == cl->subnets) /* First two cases */ + { + /* Insert in front */ + subnet->next = cl->subnets; + subnet->prev = NULL; + cl->subnets = subnet; + } + else /* Third case */ + { + /* Insert after q */ + subnet->next = q->next; + subnet->prev = q; + q->next = subnet; + } + + if(subnet->next) + subnet->next->prev = subnet; cp } @@ -59,15 +94,13 @@ void subnet_del(subnet_t *subnet) { cp if(subnet->prev) - { - subnet->prev->next = subnet->next; - } + subnet->prev->next = subnet->next; else - { - subnet->owner->subnets = subnet->next; - } + subnet->owner->subnets = subnet->next; + + if(subnet->next) + subnet->next->prev = subnet->prev; - subnet->next->prev = subnet->prev; free_subnet(subnet); cp } @@ -100,7 +133,7 @@ cp } break; case SUBNET_IPV4: - if(sscanf(subnetstr, "%d,%lx:%lx", &subnet->type, &subnet->net.ipv4.address, &subnet->net.ipv4.mask) != 3) + if(sscanf(subnetstr, "%d,%lx/%lx", &subnet->type, &subnet->net.ipv4.address, &subnet->net.ipv4.mask) != 3) { free_subnet(subnet); return NULL; @@ -152,8 +185,10 @@ cp subnet->net.mac.address.x[3], subnet->net.mac.address.x[4], subnet->net.mac.address.x[5]); + break; case SUBNET_IPV4: - asprintf(&netstr, "%d,%lx:%lx", subnet->type, subnet->net.ipv4.address, subnet->net.ipv4.mask); + asprintf(&netstr, "%d,%lx/%lx", subnet->type, subnet->net.ipv4.address, subnet->net.ipv4.mask); + break; case SUBNET_IPV6: asprintf(&netstr, "%d,%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx/%hx:%hx:%hx:%hx:%hx:%hx:%hx:%hx", subnet->net.ipv6.address.x[0], @@ -172,6 +207,7 @@ cp subnet->net.ipv6.mask.x[5], subnet->net.ipv6.mask.x[6], subnet->net.ipv6.mask.x[7]); + break; default: netstr = NULL; } -- 2.39.5