X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=6becfbb405ac29c400c92247bd281a7e41cc6c33;hb=5cbef906209eb5005f821af8f55a6f5d7e7d060c;hp=23dd2521c74b465cdc64405ea79b3f821e3040aa;hpb=36cec9af88909cb2cf012d609e5c4d8c444ddab9;p=tinc

diff --git a/src/net_setup.c b/src/net_setup.c
index 23dd2521..6becfbb4 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2015 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2017 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -43,8 +43,11 @@
 #include "utils.h"
 #include "xalloc.h"
 
+#ifdef HAVE_MINIUPNPC
+#include "upnp.h"
+#endif
+
 char *myport;
-static char *myname;
 static io_t device_io;
 devops_t devops;
 bool device_standby = false;
@@ -320,10 +323,7 @@ void regenerate_key(void) {
 		n->status.validkey_in = false;
 }
 
-/*
-  Read Subnets from all host config files
-*/
-void load_all_subnets(void) {
+void load_all_nodes(void) {
 	DIR *dir;
 	struct dirent *ent;
 	char dname[PATH_MAX];
@@ -340,10 +340,6 @@ void load_all_subnets(void) {
 			continue;
 
 		node_t *n = lookup_node(ent->d_name);
-		#ifdef _DIRENT_HAVE_D_TYPE
-		//if(ent->d_type != DT_REG)
-		//	continue;
-		#endif
 
 		splay_tree_t *config_tree;
 		init_configuration(&config_tree);
@@ -356,55 +352,31 @@ void load_all_subnets(void) {
 			node_add(n);
 		}
 
-		for(config_t *cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
-			subnet_t *s, *s2;
+		if(strictsubnets) {
+			for(config_t *cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
+				subnet_t *s, *s2;
 
-			if(!get_config_subnet(cfg, &s))
-				continue;
+				if(!get_config_subnet(cfg, &s))
+					continue;
 
-			if((s2 = lookup_subnet(n, s))) {
-				s2->expires = -1;
-				free(s);
-			} else {
-				subnet_add(n, s);
+				if((s2 = lookup_subnet(n, s))) {
+					s2->expires = -1;
+					free(s);
+				} else {
+					subnet_add(n, s);
+				}
 			}
 		}
 
-		exit_configuration(&config_tree);
-	}
-
-	closedir(dir);
-}
-
-void load_all_nodes(void) {
-	DIR *dir;
-	struct dirent *ent;
-	char dname[PATH_MAX];
-
-	snprintf(dname, sizeof dname, "%s" SLASH "hosts", confbase);
-	dir = opendir(dname);
-	if(!dir) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
-		return;
-	}
-
-	while((ent = readdir(dir))) {
-		if(!check_id(ent->d_name))
-			continue;
+		if(lookup_config(config_tree, "Address"))
+			n->status.has_address = true;
 
-		node_t *n = lookup_node(ent->d_name);
-		if(n)
-			continue;
-
-		n = new_node();
-		n->name = xstrdup(ent->d_name);
-		node_add(n);
+		exit_configuration(&config_tree);
 	}
 
 	closedir(dir);
 }
 
-
 char *get_name(void) {
 	char *name = NULL;
 	char *returned_name;
@@ -587,9 +559,14 @@ bool setup_myself_reloadable(void) {
 		subnet_add(NULL, s);
 	}
 
-#if !defined(SOL_IP) || !defined(IP_TOS)
+#if !defined(IPPROTO_IP) || !defined(IP_TOS)
+	if(priorityinheritance)
+		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform for IPv4 connections", "PriorityInheritance");
+#endif
+
+#if !defined(IPPROTO_IPV6) || !defined(IPV6_TCLASS)
 	if(priorityinheritance)
-		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform", "PriorityInheritance");
+		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform for IPv6 connections", "PriorityInheritance");
 #endif
 
 	if(!get_config_int(lookup_config(config_tree, "MACExpire"), &macexpire))
@@ -698,7 +675,7 @@ static bool add_listen_address(char *address, bool bindto) {
 
 		int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
 
-		if(tcp_fd < 0) {
+		if(udp_fd < 0) {
 			close(tcp_fd);
 			continue;
 		}
@@ -727,29 +704,17 @@ void device_enable(void) {
 
 	/* Run tinc-up script to further initialize the tap interface */
 
-	char *envp[5] = {NULL};
-	xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
-	xasprintf(&envp[1], "DEVICE=%s", device ? : "");
-	xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
-	xasprintf(&envp[3], "NAME=%s", myname);
-
-	execute_script("tinc-up", envp);
-
-	for(int i = 0; i < 4; i++)
-		free(envp[i]);
+	environment_t env;
+	environment_init(&env);
+	execute_script("tinc-up", &env);
+	environment_exit(&env);
 }
 
 void device_disable(void) {
-	char *envp[5] = {NULL};
-	xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
-	xasprintf(&envp[1], "DEVICE=%s", device ? : "");
-	xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
-	xasprintf(&envp[3], "NAME=%s", myname);
-
-	execute_script("tinc-down", envp);
-
-	for(int i = 0; i < 4; i++)
-		free(envp[i]);
+	environment_t env;
+	environment_init(&env);
+	execute_script("tinc-down", &env);
+	environment_exit(&env);
 
 	if (devops.disable)
 		devops.disable();
@@ -879,7 +844,7 @@ static bool setup_myself(void) {
 	/* Generate packet encryption key */
 
 	if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
-		cipher = xstrdup("blowfish");
+		cipher = xstrdup("aes-256-cbc");
 
 	if(!strcasecmp(cipher, "none")) {
 		myself->incipher = NULL;
@@ -903,7 +868,7 @@ static bool setup_myself(void) {
 	}
 
 	if(!get_config_string(lookup_config(config_tree, "Digest"), &digest))
-		digest = xstrdup("sha1");
+		digest = xstrdup("sha256");
 
 	if(!strcasecmp(digest, "none")) {
 		myself->indigest = NULL;
@@ -938,10 +903,7 @@ static bool setup_myself(void) {
 
 	graph();
 
-	if(strictsubnets)
-		load_all_subnets();
-	else if(autoconnect)
-		load_all_nodes();
+	load_all_nodes();
 
 	/* Open device */
 
@@ -954,6 +916,8 @@ static bool setup_myself(void) {
 			devops = raw_socket_devops;
 		else if(!strcasecmp(type, "multicast"))
 			devops = multicast_devops;
+		else if(!strcasecmp(type, "fd"))
+			devops = fd_devops;
 #ifdef ENABLE_UML
 		else if(!strcasecmp(type, "uml"))
 			devops = uml_devops;
@@ -1059,6 +1023,25 @@ static bool setup_myself(void) {
 	xasprintf(&myself->hostname, "MYSELF port %s", myport);
 	myself->connection->hostname = xstrdup(myself->hostname);
 
+	char *upnp = NULL;
+	get_config_string(lookup_config(config_tree, "UPnP"), &upnp);
+	bool upnp_tcp = false;
+	bool upnp_udp = false;
+	if (upnp) {
+		if (!strcasecmp(upnp, "yes"))
+			upnp_tcp = upnp_udp = true;
+		else if (!strcasecmp(upnp, "udponly"))
+			upnp_udp = true;
+		free(upnp);
+	}
+	if (upnp_tcp || upnp_udp) {
+#ifdef HAVE_MINIUPNPC
+		upnp_init(upnp_tcp, upnp_udp);
+#else
+		logger(DEBUG_ALWAYS, LOG_WARNING, "UPnP was requested, but tinc isn't built with miniupnpc support!");
+#endif
+	}
+
 	/* Done. */
 
 	last_config_check = now.tv_sec;
@@ -1126,8 +1109,7 @@ void close_network_connections(void) {
 
 	if(myself && myself->connection) {
 		subnet_update(myself, NULL, false);
-		terminate_connection(myself->connection, false);
-		free_connection(myself->connection);
+		connection_del(myself->connection);
 	}
 
 	for(int i = 0; i < listen_sockets; i++) {
@@ -1155,7 +1137,6 @@ void close_network_connections(void) {
 
 	exit_control();
 
-	free(myname);
 	free(scriptextension);
 	free(scriptinterpreter);