- setup the socket for incoming encrypted
- data (the udp part)
-*/
-int setup_vpn_in_socket(int port)
-{
- int nfd, flags;
- struct sockaddr_in a;
- const int one = 1;
-cp
- if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
- {
- syslog(LOG_ERR, _("Creating socket failed: %m"));
- return -1;
- }
-
- if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
- {
- syslog(LOG_ERR, _("setsockopt: %m"));
- return -1;
- }
-
- flags = fcntl(nfd, F_GETFL);
- if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
- {
- syslog(LOG_ERR, _("fcntl: %m"));
- return -1;
- }
-
- memset(&a, 0, sizeof(a));
- a.sin_family = AF_INET;
- a.sin_port = htons(port);
- a.sin_addr.s_addr = htonl(INADDR_ANY);
-
- if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
- {
- syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port);
- return -1;
- }
-cp
- return nfd;
-}
-
-/*
- setup an outgoing meta (tcp) socket
-*/
-int setup_outgoing_meta_socket(conn_list_t *cl)
-{
- int flags;
- struct sockaddr_in a;
- config_t const *cfg;
-cp
- if(debug_lvl >= DEBUG_CONNECTIONS)
- syslog(LOG_INFO, _("Trying to connect to %s"), cl->hostname);
-
- if((cfg = get_config_val(cl->config, port)) == NULL)
- cl->port = 655;
- else
- cl->port = cfg->data.val;
-
- cl->meta_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
- if(cl->meta_socket == -1)
- {
- syslog(LOG_ERR, _("Creating socket for %s port %d failed: %m"),
- cl->hostname, cl->port);
- return -1;
- }
-
- a.sin_family = AF_INET;
- a.sin_port = htons(cl->port);
- a.sin_addr.s_addr = htonl(cl->address);
-
- if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1)
- {
- syslog(LOG_ERR, _("%s port %hd: %m"), cl->hostname, cl->port);
- return -1;
- }
-
- flags = fcntl(cl->meta_socket, F_GETFL);
- if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0)
- {
- syslog(LOG_ERR, _("fcntl for %s port %d: %m"),
- cl->hostname, cl->port);
- return -1;
- }
-
- if(debug_lvl >= DEBUG_CONNECTIONS)
- syslog(LOG_INFO, _("Connected to %s port %hd"),
- cl->hostname, cl->port);
-
- cl->status.meta = 1;
-cp
- return 0;
-}
-
-/*
- setup an outgoing connection. It's not
- necessary to also open an udp socket as
- well, because the other host will initiate
- an authentication sequence during which
- we will do just that.
-*/
-int setup_outgoing_connection(char *name)
-{
- conn_list_t *ncn;
- struct hostent *h;
- config_t *cfg;
-cp
- if(check_id(name))
- {
- syslog(LOG_ERR, _("Invalid name for outgoing connection"));
- return -1;
- }
-
- ncn = new_conn_list();
- asprintf(&ncn->name, "%s", name);
-
- if(read_host_config(ncn))
- {
- syslog(LOG_ERR, _("Error reading host configuration file for %s"));
- free_conn_list(ncn);
- return -1;
- }
-
- if(!(cfg = get_config_val(ncn->config, address)))
- {
- syslog(LOG_ERR, _("No address specified for %s"));
- free_conn_list(ncn);
- return -1;
- }
-
- if(!(h = gethostbyname(cfg->data.ptr)))
- {
- syslog(LOG_ERR, _("Error looking up `%s': %m"), cfg->data.ptr);
- free_conn_list(ncn);
- return -1;
- }
-
- ncn->address = ntohl(*((ip_t*)(h->h_addr_list[0])));
- ncn->hostname = hostlookup(htonl(ncn->address));
-
- if(setup_outgoing_meta_socket(ncn) < 0)
- {
- syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
- ncn->hostname);
- free_conn_list(ncn);
- return -1;
- }
-
- ncn->status.outgoing = 1;
- ncn->buffer = xmalloc(MAXBUFSIZE);
- ncn->buflen = 0;
- ncn->last_ping_time = time(NULL);
- ncn->want_ping = 0;
-
- conn_list_add(ncn);
-
- send_id(ncn);
-cp
- return 0;
-}
-
-/*
- set up the local sockets (listen only)
-*/
-int setup_myself(void)
-{
- config_t const *cfg;
-cp
- myself = new_conn_list();
-
- asprintf(&myself->hostname, "MYSELF"); /* FIXME? Do hostlookup on ourselves? */
- myself->flags = 0;
- myself->protocol_version = PROT_CURRENT;
-
- if(!(cfg = get_config_val(config, tincname))) /* Not acceptable */
- {
- syslog(LOG_ERR, _("Name for tinc daemon required!"));
- return -1;
- }
- else
- asprintf(&myself->name, "%s", (char*)cfg->data.val);
-
- if(check_id(myself->name))
- {
- syslog(LOG_ERR, _("Invalid name for myself!"));
- return -1;
- }
-cp
- if(!(cfg = get_config_val(config, privatekey)))
- {
- syslog(LOG_ERR, _("Private key for tinc daemon required!"));
- return -1;
- }
- else
- {
- myself->rsa_key = RSA_new();
- BN_hex2bn(&myself->rsa_key->d, cfg->data.ptr);
- BN_hex2bn(&myself->rsa_key->e, "FFFF");
- }
-
- if(read_host_config(myself))
- {
- syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
- return -1;
- }
-cp
- if(!(cfg = get_config_val(myself->config, publickey)))
- {
- syslog(LOG_ERR, _("Public key for tinc daemon required!"));
- return -1;
- }
- else
- {
- BN_hex2bn(&myself->rsa_key->n, cfg->data.ptr);
- }
-/*
- if(RSA_check_key(myself->rsa_key) != 1)
- {
- syslog(LOG_ERR, _("Invalid public/private keypair!"));
- return -1;
- }