From ed397b6ac676329b237e219c806143cccf456b3c Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 14 Sep 2000 21:51:21 +0000 Subject: [PATCH] First round of needed fixes after the overhaul --- src/net.c | 99 ++++++++++++++++++--------- src/net.h | 13 +++- src/netutl.c | 12 ++-- src/protocol.c | 182 ++++++++++++++++++++++++++++--------------------- 4 files changed, 187 insertions(+), 119 deletions(-) diff --git a/src/net.c b/src/net.c index a5989c36..1ef53010 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.28 2000/09/14 11:54:50 guus Exp $ + $Id: net.c,v 1.35.4.29 2000/09/14 21:51:19 zarq Exp $ */ #include "config.h" @@ -103,7 +103,8 @@ cp rp.len = htons(rp.len); if(debug_lvl > 3) - syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"), ntohs(rp.len), cl->id, cl->hostname); + syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"), + ntohs(rp.len), cl->name, cl->hostname); total_socket_out += ntohs(rp.len); @@ -114,7 +115,8 @@ cp if((send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0) { - syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"), + cl->name, cl->hostname); return -1; } cp @@ -130,7 +132,8 @@ cp add_mac_addresses(&vp); if(debug_lvl > 3) - syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"), ((real_packet_t*)packet)->len, cl->id, cl->hostname); + syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"), + ((real_packet_t*)packet)->len, cl->name, cl->hostname); if((lenin = write(tap_fd, &vp, vp.len + sizeof(vp.len))) < 0) syslog(LOG_ERR, _("Can't write to tap device: %m")); @@ -251,14 +254,16 @@ cp if(cl->sq) { if(debug_lvl > 3) - syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"), cl->id, cl->hostname); + syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"), + cl->name, cl->hostname); flush_queue(cl, &(cl->sq), xsend); } if(cl->rq) { if(debug_lvl > 3) - syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"), cl->id, cl->hostname); + syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"), + cl->name, cl->hostname); flush_queue(cl, &(cl->rq), xrecv); } cp @@ -308,7 +313,8 @@ cp if(cl->flags & INDIRECTDATA) { if(debug_lvl > 3) - syslog(LOG_NOTICE, _("Indirect packet to %s via %s"), cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Indirect packet to %s via %s"), + cl->name, cl->hostname); if((cl = lookup_conn(cl->real_ip)) == NULL) { if(debug_lvl > 3) @@ -332,14 +338,16 @@ cp if(!cl->status.dataopen) if(setup_vpn_connection(cl) < 0) { - syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"), + cl->name, cl->hostname); return -1; } if(!cl->status.validkey) { if(debug_lvl > 3) - syslog(LOG_INFO, _("%s (%s) has no valid key, queueing packet"), cl->id, cl->hostname); + syslog(LOG_INFO, _("%s (%s) has no valid key, queueing packet"), + cl->name, cl->hostname); add_queue(&(cl->sq), packet, packet->len + 2); if(!cl->status.waitingforkey) send_key_request(cl->vpn_ip); /* Keys should be sent to the host running the tincd */ @@ -349,7 +357,8 @@ cp if(!cl->status.active) { if(debug_lvl > 3) - syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"), cl->id, cl->hostname); + syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"), + cl->name, cl->hostname); add_queue(&(cl->sq), packet, packet->len + 2); return 0; /* We don't want to mess up, do we? */ } @@ -600,11 +609,15 @@ cp } myself->vpn_ip = cfg->data.ip->ip; - myself->vpn_hostname = hostlookup(htonl(myself->vpn_ip)); myself->hostname = hostlookup(htonl(myself->vpn_ip)); myself->vpn_mask = cfg->data.ip->mask; myself->flags = 0; + if(!(cfg = get_config_val(tincname))) + asprintf(&(myself->name), IP_ADDR_S, IP_ADDR_V(myself->vpn_ip)); + else + myself->name = (char*)cfg->data.val; + if(!(cfg = get_config_val(listenport))) myself->port = 655; else @@ -773,7 +786,8 @@ cp flags = fcntl(nfd, F_GETFL); if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0) { - syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd, cl->id, cl->hostname); + syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd, + cl->name, cl->hostname); return -1; } @@ -859,12 +873,15 @@ int handle_incoming_vpn_data(conn_list_t *cl) cp if(getsockopt(cl->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0) { - syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->socket, cl->id, cl->hostname); + syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), + __FILE__, __LINE__, cl->socket, + cl->name, cl->hostname); return -1; } if(x) { - syslog(LOG_ERR, _("Incoming data socket error for %s (%s): %s"), cl->id, cl->hostname, strerror(x)); + syslog(LOG_ERR, _("Incoming data socket error for %s (%s): %s"), + cl->name, cl->hostname, strerror(x)); return -1; } @@ -872,7 +889,8 @@ cp lenin = recvfrom(cl->socket, &rp, MTU, 0, NULL, NULL); if(lenin <= 0) { - syslog(LOG_ERR, _("Receiving packet from %s (%s) failed: %m"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Receiving packet from %s (%s) failed: %m"), + cl->name, cl->hostname); return -1; } total_socket_in += lenin; @@ -886,7 +904,8 @@ cp f = lookup_conn(rp.from); if(!f) { - syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"), cl->id, cl->hostname, IP_ADDR_V(rp.from)); + syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"), + cl->name, cl->hostname, IP_ADDR_V(rp.from)); return -1; } @@ -919,7 +938,8 @@ cp return; if(debug_lvl > 0) - syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), + cl->name, cl->hostname); if(cl->status.timeout) send_timeout(cl); @@ -992,7 +1012,8 @@ cp if(p->status.pinged && !p->status.got_pong) { if(debug_lvl > 1) - syslog(LOG_INFO, _("%s (%s) didn't respond to PING"), cl->id, cl->hostname); + syslog(LOG_INFO, _("%s (%s) didn't respond to PING"), + p->name, p->hostname); p->status.timeout = 1; terminate_connection(p); } @@ -1052,12 +1073,14 @@ int handle_incoming_meta_data(conn_list_t *cl) cp if(getsockopt(cl->meta_socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0) { - syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->meta_socket, cl->id, cl->hostname); + syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->meta_socket, + cl->name, cl->hostname); return -1; } if(x) { - syslog(LOG_ERR, _("Metadata socket error for %s (%s): %s"), cl->id, cl->hostname, strerror(x)); + syslog(LOG_ERR, _("Metadata socket error for %s (%s): %s"), + cl->name, cl->hostname, strerror(x)); return -1; } @@ -1070,14 +1093,16 @@ cp if(errno==0) { if(debug_lvl>DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Connection closed by %s (%s)"), cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Connection closed by %s (%s)"), + cl->name, cl->hostname); } else - syslog(LOG_ERR, _("Metadata socket read error for %s (%s): %m"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Metadata socket read error for %s (%s): %m"), + cl->name, cl->hostname); return -1; } - if(cl->status.encrypted) + if(cl->status.encryptin) { /* FIXME: do decryption. */ } @@ -1102,28 +1127,34 @@ cp if(cl->reqlen) { if(debug_lvl > DEBUG_PROTOCOL) - syslog(LOG_DEBUG, _("Got request from %s (%s): %s"), cl->id, cl->hostname, cl->buffer); + syslog(LOG_DEBUG, _("Got request from %s (%s): %s"), + cl->name, cl->hostname, cl->buffer); if(sscanf(cl->buffer, "%d", &request) == 1) { if((request < 0) || (request > 255) || (request_handlers[request] == NULL)) { - syslog(LOG_ERR, _("Unknown request from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Unknown request from %s (%s)"), + cl->name, cl->hostname); return -1; } else { if(debug_lvl > DEBUG_PROTOCOL) - syslog(LOG_DEBUG, _("Got %s from %s (%s)"), request_name[request], cl->id, cl->hostname); - - if(request_handlers[request](cl)) /* Something went wrong. Probably scriptkiddies. Terminate. */ + syslog(LOG_DEBUG, _("Got %s from %s (%s)"), + request_name[request], cl->name, cl->hostname); + } + if(request_handlers[request](cl)) + /* Something went wrong. Probably scriptkiddies. Terminate. */ { - syslog(LOG_ERR, _("Error while processing %s from %s (%s)"), request_name[request], cl->id, cl->hostname); + syslog(LOG_ERR, _("Error while processing %s from %s (%s)"), + request_name[request], cl->name, cl->hostname); return -1; } } else { - syslog(LOG_ERR, _("Bogus data received from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Bogus data received from %s (%s)"), + cl->name, cl->hostname); return -1; } @@ -1139,7 +1170,8 @@ cp if(cl->buflen >= MAXBUFSIZE) { - syslog(LOG_ERR, _("Metadata read buffer overflow for %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Metadata read buffer overflow for %s (%s)"), + cl->name, cl->hostname); return -1; } @@ -1173,7 +1205,8 @@ cp I've once got here when it said `No route to host'. */ getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l); - syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"), cl->id, cl->hostname, strerror(x)); + syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"), + p->name, p->hostname, strerror(x)); terminate_connection(p); return; } @@ -1272,6 +1305,8 @@ cp if(sighup) { sighup = 0; + if(debug_lvl > 1) + syslog(LOG_INFO, _("Rereading configuration file")); close_network_connections(); clear_config(); if(read_config_file(configfilename)) diff --git a/src/net.h b/src/net.h index 3b194cdb..af465f62 100644 --- a/src/net.h +++ b/src/net.h @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.h,v 1.9.4.10 2000/09/14 14:32:34 zarq Exp $ + $Id: net.h,v 1.9.4.11 2000/09/14 21:51:20 zarq Exp $ */ #ifndef __TINC_NET_H__ @@ -53,6 +53,7 @@ #define TCPONLY 0x0004 /* Tells sender to send packets over TCP instead of UDP (for firewalls) */ typedef unsigned long ip_t; +typedef unsigned short port_t; typedef short length_t; struct conn_list_t; @@ -95,9 +96,14 @@ typedef struct status_bits_t { int dataopen:1; /* 1 if we have a valid UDP connection open */ int encryptout:1; /* 1 if we can encrypt outgoing traffic */ int encryptin:1; /* 1 if we have to decrypt incoming traffic */ - int unused:19; + int encrypted:1; + int unused:18; } status_bits_t; +typedef struct option_bits_t { + int unused:32; +} option_bits_t; + typedef struct queue_element_t { void *packet; struct queue_element_t *prev; @@ -127,6 +133,7 @@ typedef struct conn_list_t { int meta_socket; /* our tcp meta socket */ int protocol_version; /* used protocol */ status_bits_t status; /* status info */ + option_bits_t options; /* options turned on for this connection */ passphrase_t *pp; /* encoded passphrase */ packet_queue_t *sq; /* pending outgoing packets */ packet_queue_t *rq; /* pending incoming packets (they have no @@ -141,7 +148,7 @@ typedef struct conn_list_t { int want_ping; /* 0 if there's no need to check for activity */ int allow_request; /* defined if there's only one request possible */ char *chal_answer; /* answer to the given challenge */ - enc_key_t *metakey; + enc_key_t *rsakey; struct conn_list_t *nexthop; /* nearest meta-hop in this direction */ struct conn_list_t *next; /* after all, it's a list of connections */ } conn_list_t; diff --git a/src/netutl.c b/src/netutl.c index d0ac628a..5f762920 100644 --- a/src/netutl.c +++ b/src/netutl.c @@ -16,7 +16,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: netutl.c,v 1.12.4.8 2000/09/06 11:49:05 guus Exp $ + $Id: netutl.c,v 1.12.4.9 2000/09/14 21:51:20 zarq Exp $ */ #include "config.h" @@ -90,10 +90,10 @@ cp destroy_queue(p->sq); if(p->rq) destroy_queue(p->rq); - if(p->vpn_hostname) - free(p->vpn_hostname); - if(p->real_hostname) - free(p->real_hostname); + if(p->name) + free(p->name); + if(p->hostname) + free(p->hostname); free_key(p->public_key); free_key(p->key); free(p); @@ -247,7 +247,7 @@ cp for(p = conn_list; p != NULL; p = p->next) { syslog(LOG_DEBUG, _("%s netmask %d.%d.%d.%d at %s port %hd flags %d sockets %d, %d status %04x"), - p->vpn_hostname, IP_ADDR_V(p->vpn_mask), p->real_hostname, p->port, p->flags, + p->name, IP_ADDR_V(p->vpn_mask), p->hostname, p->port, p->flags, p->socket, p->meta_socket, p->status); } cp diff --git a/src/protocol.c b/src/protocol.c index 0b76cc3d..836708ab 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.30 2000/09/14 11:54:51 guus Exp $ + $Id: protocol.c,v 1.28.4.31 2000/09/14 21:51:21 zarq Exp $ */ #include "config.h" @@ -36,6 +36,8 @@ #include +#include + #include "conf.h" #include "encr.h" #include "net.h" @@ -50,11 +52,13 @@ int send_request(conn_list_t *cl, const char *format, int request, /*args*/ ...) { va_list args; char *buffer = NULL; + int len; + cp if(debug_lvl >= DEBUG_PROTOCOL) - syslog(LOG_DEBUG, _("Sending %s to %s (%s)"), requestname[request], cl->id, cl->hostname); + syslog(LOG_DEBUG, _("Sending %s to %s (%s)"), request_name[request], cl->name, cl->hostname); - va_start(args, format); + va_start(args, request); len = vasprintf(&buffer, format, args); va_end(args); @@ -65,14 +69,15 @@ cp } if(debug_lvl >= DEBUG_META) - syslog(LOG_DEBUG, _("Sending meta data to %s (%s): %s"), cl->id, cl->hostname, buffer); + syslog(LOG_DEBUG, _("Sending meta data to %s (%s): %s"), + cl->name, cl->hostname, buffer); - if(cl->status.encrypted) + if(cl->status.encryptin) { /* FIXME: Do encryption */ } - if((write(cl->meta_socket, buffer, buflen)) < 0) + if((write(cl->meta_socket, buffer, len)) < 0) { syslog(LOG_ERR, _("Sending meta data failed: %m")); return -1; @@ -104,7 +109,8 @@ cp int send_id(conn_list_t *cl) { cp - return send_request(cl, "%d %s %d %s", ID, myself->id, myself->version, opt2str(myself->options)); + return send_request(cl, "%d %s %d %s", ID, + myself->name, myself->protocol_version, opt2str(myself->options)); } int id_h(conn_list_t *cl) @@ -112,7 +118,7 @@ int id_h(conn_list_t *cl) conn_list_t *old; char *options; cp - if(sscanf(cl->buffer, "%*d %as %d %as", &cl->id, &cl->version, &options) != 3) + if(sscanf(cl->buffer, "%*d %as %d %as", &cl->name, &cl->protocol_version, &options) != 3) { syslog(LOG_ERR, _("Got bad ID from %s"), cl->hostname); return -1; @@ -120,9 +126,10 @@ cp /* Check if version matches */ - if(cl->version != myself->version) + if(cl->protocol_version != myself->protocol_version) { - syslog(LOG_ERR, _("Peer %s uses incompatible version %d"), cl->hostname, cl->min_version, cl->max_version); + syslog(LOG_ERR, _("Peer %s (%s) uses incompatible version %d"), + cl->name, cl->hostname, cl->protocol_version); return -1; } @@ -136,7 +143,7 @@ cp /* Check if identity is a valid name */ - if(!check_id(cl->id)) + if(!check_id(cl->name)) { syslog(LOG_ERR, _("Peer %s uses invalid identity name"), cl->hostname); return -1; @@ -146,7 +153,7 @@ cp if(!read_id(cl)) { - syslog(LOG_ERR, _("Peer %s had unknown identity (%s)"), cl->hostname, cl->id); + syslog(LOG_ERR, _("Peer %s had unknown identity (%s)"), cl->hostname, cl->name); return -1; } @@ -158,10 +165,10 @@ cp if(cl->status.outgoing) { - if((old=lookup_id(cl->id))) + if((old = lookup_id(cl->name))) { if(debug_lvl > DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"), cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"), cl->name, cl->hostname); cl->status.outgoing = 0; old->status.outgoing = 1; terminate_connection(cl); @@ -182,30 +189,30 @@ int send_challenge(conn_list_t *cl) int keylength; int x; cp - if(cl->chal_hash) - free(cl->chal_hash); + if(cl->chal_answer) + free(cl->chal_answer); /* Allocate buffers for the challenge and the hash */ - cl->chal_hash = xmalloc(SHA_DIGEST_LEN); - keylength = BN_num_bytes(cl->rsakey.n); + cl->chal_answer = xmalloc(SHA_DIGEST_LENGTH); + keylength = BN_num_bytes(cl->rsakey->length); buffer = xmalloc(keylength*2); /* Copy random data and the public key to the buffer */ RAND_bytes(buffer, keylength); - BN_bn2bin(cl->rsakey.n, buffer+keylength); + BN_bn2bin(cl->rsakey->length, buffer+keylength); /* If we don't have a blowfish key set yet, use the random data from the challenge to do so. */ - if(!cl->status.encrypted) + if(!cl->status.encryptin) { set_metakey(cl, buffer, keylength); } /* Calculate the hash from that */ - SHA1(buffer, keylength*2, cl->chal_hash); + SHA1(buffer, keylength*2, cl->chal_answer); /* Convert the random data to a hexadecimal formatted string */ @@ -217,7 +224,7 @@ cp cl->allow_request = CHAL_REPLY; x = send_request(cl, "%d %s", CHALLENGE, buffer); free(buffer); - cl->status.encrypted = 1; + cl->status.encryptout = 1; cp return x; } @@ -225,10 +232,12 @@ cp int challenge_h(conn_list_t *cl) { char *challenge; + int x; + cp - if(sscanf(cl->buffer, "%*d %as", &cl->id, &challenge) != 1) + if(sscanf(cl->buffer, "%*d %as", &cl->name, &challenge) != 1) { - syslog(LOG_ERR, _("Got bad CHALLENGE from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Got bad CHALLENGE from %s (%s)"), cl->name, cl->hostname); return -1; } @@ -246,26 +255,27 @@ int send_chal_reply(conn_list_t *cl, char *challenge) int keylength; char *hash; int x; + cp - keylength = BN_num_bytes(myself->rsakey.n); + keylength = BN_num_bytes(myself->rsakey->length); /* Check if the length of the challenge is all right */ if(strlen(challenge) != keylength*2) { - syslog(LOG_ERROR, _("Intruder: wrong challenge length from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Intruder: wrong challenge length from %s (%s)"), cl->name, cl->hostname); return -1; } /* Allocate buffers for the challenge and the hash */ buffer = xmalloc(keylength*2); - hash = xmalloc(SHA_DIGEST_LEN*2+1); + hash = xmalloc(SHA_DIGEST_LENGTH*2+1); /* Copy the incoming random data and our public key to the buffer */ hex2bin(challenge, buffer, keylength); - BN_bn2bin(myself->rsakey.n, buffer+keylength); + BN_bn2bin(myself->rsakey->length, buffer+keylength); /* Calculate the hash from that */ @@ -283,13 +293,13 @@ cp /* Convert the hash to a hexadecimal formatted string */ - bin2hex(hash,hash,SHA_DIGEST_LEN); - hash[SHA_DIGEST_LEN*2] = '\0'; + bin2hex(hash,hash,SHA_DIGEST_LENGTH); + hash[SHA_DIGEST_LENGTH*2] = '\0'; /* Send the reply */ if(cl->status.outgoing) - cl->allow_resuest = ID; + cl->allow_request = ID; else cl->allow_request = ACK; @@ -303,29 +313,29 @@ int chal_reply_h(conn_list_t *cl) { char *hash; cp - if(sscanf(cl->buffer, "%*d %as", &cl->id, &hash) != 2) + if(sscanf(cl->buffer, "%*d %as", &cl->name, &hash) != 2) { - syslog(LOG_ERR, _("Got bad CHAL_REPLY from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Got bad CHAL_REPLY from %s (%s)"), cl->name, cl->hostname); return -1; } /* Check if the length of the hash is all right */ - if(strlen(hash) != SHA_DIGEST_LEN*2) + if(strlen(hash) != SHA_DIGEST_LENGTH*2) { - syslog(LOG_ERROR, _("Intruder: wrong challenge reply length from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Intruder: wrong challenge reply length from %s (%s)"), cl->name, cl->hostname); return -1; } /* Convert the hash to binary format */ - hex2bin(hash, hash, SHA_DIGEST_LEN); + hex2bin(hash, hash, SHA_DIGEST_LENGTH); /* Verify the incoming hash with the calculated hash */ - if{!memcmp(hash, cl->chal_hash, SHA_DIGEST_LEN)} + if(!memcmp(hash, cl->chal_answer, SHA_DIGEST_LENGTH)) { - syslog(LOG_ERROR, _("Intruder: wrong challenge reply from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Intruder: wrong challenge reply from %s (%s)"), cl->name, cl->hostname); return -1; } @@ -335,7 +345,7 @@ cp */ free(hash); - free(cl->chal_hash); + free(cl->chal_answer); cp if(cl->status.outgoing) @@ -358,18 +368,19 @@ cp int ack_h(conn_list_t *cl) { - conn_list_t old; + conn_list_t *old; + cp /* Okay, before we active the connection, we check if there is another entry in the connection list with the same vpn_ip. If so, it presumably is an old connection that has timed out but we don't know it yet. */ - while((old = lookup_id(cl->id))) + while((old = lookup_id(cl->name))) { if(debug_lvl > DEBUG_CONNECTIONS) syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"), - cl->id, old->hostname, cl->hostname); + cl->name, old->hostname, cl->hostname); old->status.active = 0; terminate_connection(old); } @@ -380,7 +391,7 @@ cp cl->status.active = 1; if(debug_lvl > DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Connection with %s (%s) activated"), cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Connection with %s (%s) activated"), cl->name, cl->hostname); /* Exchange information about other tinc daemons */ @@ -401,7 +412,10 @@ cp int send_add_subnet(conn_list_t *cl, conn_list_t *other, subnet_t *subnet) { cp - return send_request(cl, "%d %s %d %s", ADD_SUBNET, other->id, subnet->type, net2str(subnet)); +/* return send_request(cl, "%d %s %d %s", ADD_SUBNET, + other->name, subnet->type, net2str(subnet)); */ + return send_request(cl, "%d %s %s", ADD_SUBNET, + other->name, net2str(subnet)); } int add_subnet_h(conn_list_t *cl) @@ -411,7 +425,7 @@ int add_subnet_h(conn_list_t *cl) int send_del_subnet(conn_list_t *cl, conn_list_t *other, subnet_t *subnet) { cp - return send_request(cl, "%d %s %d %s", DEL_SUBNET, other->id, subnet->type, net2str(subnet)); + return send_request(cl, "%d %s %s", DEL_SUBNET, other->name, net2str(subnet)); } int del_subnet_h(conn_list_t *cl) @@ -423,7 +437,7 @@ int del_subnet_h(conn_list_t *cl) int send_add_host(conn_list_t *cl, conn_list_t *other) { cp - return send_request(cl, "%d %s %lx:%d %s", ADD_HOST, other->id, other->address, other->port, opt2str(other->options)); + return send_request(cl, "%d %s %lx:%d %s", ADD_HOST, other->name, other->real_ip, other->port, opt2str(other->options)); } int add_host_h(conn_list_t *cl) @@ -433,55 +447,57 @@ int add_host_h(conn_list_t *cl) cp new = new_conn_list(); - if(sscanf(cl->buffer, "%*d %as %lx:%d %as", &new->id, &new->address, &new->port, &options) != 4) + if(sscanf(cl->buffer, "%*d %as %lx:%d %as", &new->name, &new->real_ip, &new->port, &options) != 4) { - syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"), cl->name, cl->hostname); return -1; } /* Check if option string is valid */ - if((new->options = str2opt(options) == -1) + if((new->options = str2opt(options)) == -1) { - syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s): invalid option string"), cl->hostname); + syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s): invalid option string"), cl->name, cl->hostname); return -1; } /* Check if identity is a valid name */ - if(!check_id(new->id)) + if(!check_id(new->name)) { - syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s): invalid identity name"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s): invalid identity name"), cl->name, cl->hostname); return -1; } /* Check if somebody tries to add ourself */ - if(!strcmp(new->id, myself->id)) + if(!strcmp(new->name, myself->name)) { - syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"), cl->name, cl->hostname); sighup = 1; return 0; } /* Fill in more of the new conn_list structure */ - new->hostname = hostlookup(htonl(new->address)); + new->hostname = hostlookup(htonl(new->real_ip)); /* Check if the new host already exists in the connnection list */ - if((old = lookup_id(id)) + if((old = lookup_id(new->name))) { - if((new->address == old->address) && (new->port == old->port)) + if((new->real_ip == old->real_ip) && (new->port == old->port)) { if(debug_lvl > DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"), old->id, old->hostname, new->id, new->hostname); + syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"), + old->name, old->hostname, new->name, new->hostname); return 0; } else { if(debug_lvl > DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"), old->id, old->hostname); + syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"), + old->name, old->hostname); old->status.active = 0; terminate_connection(old); } @@ -507,7 +523,8 @@ cp int send_del_host(conn_list_t *cl, conn_list_t *other) { cp - return send_request(cl, "%d %s %lx:%d", DEL_HOST, other->id, other->address, other->port); + return send_request(cl, "%d %s %lx:%d", DEL_HOST, + other->name, other->real_ip, other->port); } int del_host_h(conn_list_t *cl) @@ -516,34 +533,37 @@ int del_host_h(conn_list_t *cl) ip_t address; port_t port; conn_list_t *old; + cp if(sscanf(cl->buffer, "%*d %as %lx:%d", &id, &address, &port) != 3) { - syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"), cl->id, cl->hostname); - return -1; + syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"), + cl->name, cl->hostname); + return -1; } /* Check if somebody tries to delete ourself */ - if(!strcmp(id, myself->id)) + if(!strcmp(id, myself->name)) { - syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"), + cl->name, cl->hostname); sighup = 1; return 0; } /* Check if the new host already exists in the connnection list */ - if((old = lookup_id(id)) + if((old = lookup_id(id))) { - if((address == old->address) && (port == old->port)) + if((address == old->real_ip) && (port == old->port)) { notify_others(old, cl, send_del_host); - fw->status.termreq = 1; - fw->status.active = 0; + old->status.termreq = 1; + old->status.active = 0; - terminate_connection(fw); + terminate_connection(old); cp return 0; } @@ -551,7 +571,8 @@ cp if(debug_lvl > DEBUG_CONNECTIONS) { - syslog(LOG_NOTICE, _("Got DEL_HOST for %s from %s (%s) which is not in our connection list"), id, cl->id, cl->hostname); + syslog(LOG_NOTICE, _("Got DEL_HOST for %s from %s (%s) which is not in our connection list"), + id, cl->name, cl->hostname); } cp return 0; @@ -581,7 +602,8 @@ cp if(debug_lvl > DEBUG_STATUS) { - syslog(LOG_NOTICE, _("Status message from %s (%s): %s: %s"), cl->id, cl->hostname, status_text[statusno], statusstring); + syslog(LOG_NOTICE, _("Status message from %s (%s): %s: %s"), + cl->name, cl->hostname, status_text[statusno], statusstring); } cp @@ -592,8 +614,8 @@ cp int send_error(conn_list_t *cl, int errno, char *errstring) { cp - if(!errorstring) - errorstring = error_text[errno]; + if(!errstring) + errstring = error_text[errno]; return send_request(cl, "%d %d %s", ERROR, errno, errstring); } @@ -604,13 +626,15 @@ int error_h(conn_list_t *cl) cp if(sscanf(cl->buffer, "%*d %d %as", &errno, &errorstring) != 2) { - syslog(LOG_ERR, _("Got bad error from %s (%s)"), cl->id, cl->hostname); + syslog(LOG_ERR, _("Got bad error from %s (%s)"), + cl->name, cl->hostname); return -1; } if(debug_lvl > DEBUG_error) { - syslog(LOG_NOTICE, _("Error message from %s (%s): %s: %s"), cl->id, cl->hostname, error_text[errno], errorstring); + syslog(LOG_NOTICE, _("Error message from %s (%s): %s: %s"), + cl->name, cl->hostname, error_text[errno], errorstring); } free(errorstring); @@ -673,7 +697,8 @@ cp for(p = conn_list; p != NULL; p = p->next) { if(p!=cl && p->status.meta && p->status.active) - send_request(p, "%d %s", KEY_CHANGED, from->id); + send_request(p, "%d %s", KEY_CHANGED, + from->name); } cp return 0; @@ -686,8 +711,9 @@ int key_changed_h(conn_list_t *cl) cp if(sscanf(cl->buffer, "%*d %as", &from_id) != 1) { - syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"), cl->id, cl->hostname); - return -1; + syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"), + cl->name, cl->hostname); + return -1; } if(!(from = lookup_id(from_id))) -- 2.39.5