2 protocol.c -- handle the meta-protocol
3 Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: protocol.c,v 1.28.4.21 2000/08/07 16:27:28 guus Exp $
25 #include <sys/types.h>
30 #include <sys/socket.h>
37 #include <netinet/in.h>
/* Scratch buffer into which the send_* routines shown below format a request
 * before writing it to a meta socket. It is one file-scope object shared by
 * all of them, so those routines are not reentrant.
 * NOTE(review): the senders pass MAXBUFSIZE, not MAXBUFSIZE+1, to snprintf(). */
47 char buffer[MAXBUFSIZE+1];
50 /* Outgoing request routines */
/*
 * Send an ACK request on cl's meta socket.
 *
 * Formats "<ACK>\n" into the shared buffer and writes buflen bytes of it.
 * NOTE(review): only a negative write() result is treated as failure, so a
 * short write goes unnoticed. Return statements are not part of this listing.
 */
52 int send_ack(conn_list_t *cl)
56 syslog(LOG_DEBUG, _("Sending ACK to %s (%s)"),
57 cl->vpn_hostname, cl->real_hostname);
59 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK);
61 if((write(cl->meta_socket, buffer, buflen)) < 0)
/* NOTE(review): the first "%d" below receives __FILE__, which is a string;
 * the other senders in this file use "%s:%d" for the same two arguments. */
63 syslog(LOG_ERR, _("Send failed: %d:%d: %m"), __FILE__, __LINE__);
/*
 * Send TERMREQ, carrying our own VPN address in hex, on cl's meta socket.
 *
 * NOTE(review): "%lx" assumes myself->vpn_ip has the width of unsigned long;
 * the field's type is not shown here - confirm. Only a negative write()
 * result is treated as failure, so a short write goes unnoticed.
 */
70 int send_termreq(conn_list_t *cl)
74 syslog(LOG_DEBUG, _("Sending TERMREQ to %s (%s)"),
75 cl->vpn_hostname, cl->real_hostname);
77 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip);
79 if(write(cl->meta_socket, buffer, buflen) < 0)
82 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send PINGTIMEOUT, carrying our own VPN address in hex, on cl's meta socket.
 *
 * NOTE(review): same pattern as the other senders - the snprintf() result is
 * used as the write length unchecked, and only write() < 0 counts as failure.
 */
89 int send_timeout(conn_list_t *cl)
93 syslog(LOG_DEBUG, _("Sending TIMEOUT to %s (%s)"),
94 cl->vpn_hostname, cl->real_hostname);
96 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip);
98 if((write(cl->meta_socket, buffer, buflen)) < 0)
100 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Tell peer cl that a host has left the VPN.
 *
 * Despite its name, new_host is the entry being removed; only its vpn_ip is
 * put on the wire ("DEL_HOST <vpn_ip in hex>"). The signature matches the
 * callback type taken by notify_others().
 * NOTE(review): a short write is not detected (only "< 0" is tested).
 */
107 int send_del_host(conn_list_t *cl, conn_list_t *new_host)
111 syslog(LOG_DEBUG, _("Sending DEL_HOST for %s (%s) to %s (%s)"),
112 new_host->vpn_hostname, new_host->real_hostname, cl->vpn_hostname, cl->real_hostname);
114 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip);
116 if((write(cl->meta_socket, buffer, buflen)) < 0)
118 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
125 /* Evil hack - TCP tunneling is bad */
/*
 * Tunnel one data packet over the TCP meta connection: a "PACKET <len>"
 * header line followed by len raw bytes taken from data.
 *
 * NOTE(review): the payload is framed only by the announced length, so a short
 * write of either part (only "< 0" is tested) would leave the stream out of
 * step with the header. len is a signed int supplied by the caller and no
 * range check is visible in this listing - confirm callers bound it.
 */
126 int send_tcppacket(conn_list_t *cl, void *data, int len)
130 syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
131 cl->vpn_hostname, cl->real_hostname);
133 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
/* First write: the text header. */
135 if((write(cl->meta_socket, buffer, buflen)) < 0)
137 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Second write: the raw packet bytes, straight from the caller's buffer. */
141 if((write(cl->meta_socket, data, len)) < 0)
143 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send a PING request ("<PING>\n") on cl's meta socket.
 *
 * NOTE(review): only a negative write() result is reported; a short write is
 * treated as success.
 */
151 int send_ping(conn_list_t *cl)
155 syslog(LOG_DEBUG, _("Sending PING to %s (%s)"),
156 cl->vpn_hostname, cl->real_hostname);
158 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING);
160 if((write(cl->meta_socket, buffer, buflen)) < 0)
162 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send a PONG request ("<PONG>\n") on cl's meta socket.
 *
 * NOTE(review): only a negative write() result is reported; a short write is
 * treated as success.
 */
169 int send_pong(conn_list_t *cl)
173 syslog(LOG_DEBUG, _("Sending PONG to %s (%s)"),
174 cl->vpn_hostname, cl->real_hostname);
176 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG);
178 if((write(cl->meta_socket, buffer, buflen)) < 0)
180 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Announce new_host to peer cl with an ADD_HOST request.
 *
 * The request carries real_ip, vpn_ip/vpn_mask, port and flags. When new_host
 * has EXPORTINDIRECTDATA set, the announcement is rewritten before sending:
 * that flag is cleared, INDIRECTDATA is set, and our own vpn_ip and
 * real_hostname are advertised in place of new_host's real address, so the
 * receiving peer sees this node as the host's real endpoint.
 *
 * NOTE(review): "%lx"/"%x"/"%d" assume the widths of real_ip, vpn_ip,
 * vpn_mask, port and flags; their declarations are not in this listing -
 * confirm. The snprintf() result is used as the write length unchecked, and
 * a short write is not detected (only "< 0" is tested).
 */
187 int send_add_host(conn_list_t *cl, conn_list_t *new_host)
/* Start from new_host's own values; they may be overridden below. */
193 real_ip = new_host->real_ip;
194 hostname = new_host->real_hostname;
195 flags = new_host->flags;
197 /* If we need to propagate information about a new host that wants us to export
198 * it's indirectdata flag, we set the INDIRECTDATA flag and unset the EXPORT...
199 * flag, and set it's real_ip to our vpn_ip, so that net.c send_packet() will
203 if(flags & EXPORTINDIRECTDATA)
205 flags &= ~EXPORTINDIRECTDATA;
206 flags |= INDIRECTDATA;
207 real_ip = myself->vpn_ip;
208 hostname = myself->real_hostname;
212 syslog(LOG_DEBUG, _("Sending ADD_HOST for %s (%s) to %s (%s)"),
213 new_host->vpn_hostname, hostname, cl->vpn_hostname, cl->real_hostname);
215 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x %d\n", ADD_HOST, real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port, flags);
217 if((write(cl->meta_socket, buffer, buflen)) < 0)
219 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Tell peer cl that the key of host src has changed
 * ("KEY_CHANGED <src->vpn_ip in hex>").
 *
 * The signature matches the callback type taken by notify_others().
 * NOTE(review): a short write is not detected (only "< 0" is tested).
 */
226 int send_key_changed(conn_list_t *cl, conn_list_t *src)
230 syslog(LOG_DEBUG, _("Sending KEY_CHANGED origin %s to %s (%s)"),
231 src->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
233 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip);
235 if((write(cl->meta_socket, buffer, buflen)) < 0)
237 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Announce that our own key changed to every entry in conn_list that is both
 * a meta connection and active. The result of send_key_changed() is ignored,
 * so a failed send to one peer does not stop the loop.
 */
244 void send_key_changed_all(void)
248 for(p = conn_list; p != NULL; p = p->next)
249 if(p->status.meta && p->status.active)
250 send_key_changed(p, myself);
/*
 * Send BASIC_INFO to cl: our protocol version (PROT_CURRENT), vpn_ip/vpn_mask,
 * port and flags.
 *
 * NOTE(review): the format widths ("%lx", "%x", "%d") assume the types of the
 * myself fields, which are not declared in this listing - confirm. A short
 * write is not detected (only "< 0" is tested).
 */
254 int send_basic_info(conn_list_t *cl)
258 syslog(LOG_DEBUG, _("Sending BASIC_INFO to %s"),
261 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x %d\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port, myself->flags);
263 if((write(cl->meta_socket, buffer, buflen)) < 0)
265 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send our passphrase, as produced by encrypt_passphrase(), to cl in a
 * PASSPHRASE request. The debug message logs only the peer names, not the
 * phrase.
 *
 * NOTE(review): tmp.phrase is formatted with "%s" and the snprintf() result is
 * used as the write length without comparing it to MAXBUFSIZE; on truncation
 * snprintf() reports the untruncated length (or a negative value on some older
 * C libraries), so the length passed to write() should be validated first.
 * Whether tmp.phrase is released, and whether the copy left in the shared
 * buffer is cleared, is not visible in this listing - confirm.
 */
272 int send_passphrase(conn_list_t *cl)
276 encrypt_passphrase(&tmp);
279 syslog(LOG_DEBUG, _("Sending PASSPHRASE to %s (%s)"),
280 cl->vpn_hostname, cl->real_hostname);
282 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
284 if((write(cl->meta_socket, buffer, buflen)) < 0)
286 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send our public key (my_public_key_base36) to cl in a PUBLIC_KEY request.
 *
 * NOTE(review): the key is formatted with "%s" and the snprintf() result is
 * used as the write length without comparing it to MAXBUFSIZE; a key longer
 * than the buffer would be truncated on the wire while buflen still reports
 * the full length (or a negative value on some older C libraries). Validate
 * buflen before calling write().
 */
293 int send_public_key(conn_list_t *cl)
297 syslog(LOG_DEBUG, _("Sending PUBLIC_KEY to %s (%s)"),
298 cl->vpn_hostname, cl->real_hostname);
300 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
302 if((write(cl->meta_socket, buffer, buflen)) < 0)
304 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
311 /* What does this function do? (GS)
312 int send_calculate(conn_list_t *cl, char *k)
315 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k);
317 if((write(cl->meta_socket, buffer, buflen)) < 0)
319 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Ask host `to` for its key by sending "REQ_KEY <to> <our vpn_ip>" towards it.
 *
 * The destination is looked up with lookup_conn() and the request is written
 * to the meta socket of that entry's nexthop, i.e. it may be relayed by
 * another peer. The entry is then marked as waiting for a key.
 *
 * NOTE(review): the test guarding the "does not exist?" message is not in this
 * listing; confirm that fw and fw->nexthop are both checked before they are
 * dereferenced. "%lx" assumes ip_t has the width of unsigned long - confirm.
 */
327 int send_key_request(ip_t to)
331 fw = lookup_conn(to);
334 syslog(LOG_ERR, _("Attempting to send REQ_KEY to %d.%d.%d.%d, which does not exist?"),
340 syslog(LOG_DEBUG, _("Sending REQ_KEY to %s (%s)"),
341 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
343 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip);
345 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
347 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* The flag is set on the destination entry, not on the nexthop used to reach it. */
350 fw->status.waitingforkey = 1;
/*
 * Answer a key request: send "ANS_KEY <to> <our vpn_ip> <expiry> <public key>"
 * towards host `to`, via the nexthop of its conn_list entry.
 *
 * NOTE(review): the cl parameter is not used in the lines shown. The key is
 * sent as plain text through whichever peer is the nexthop, and nothing in the
 * message shown here lets the recipient verify that the key came from us
 * unmodified - confirm what protects it in transit. "%d" is applied to
 * my_key_expiry, which is compared against time(NULL) elsewhere in this file;
 * if it is a time_t the specifier may not match its width. The snprintf()
 * result is used as the write length unchecked.
 */
355 int send_key_answer(conn_list_t *cl, ip_t to)
360 fw = lookup_conn(to);
364 syslog(LOG_ERR, _("Attempting to send ANS_KEY to %d.%d.%d.%d, which does not exist?"),
370 syslog(LOG_DEBUG, _("Sending ANS_KEY to %s (%s)"),
371 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
373 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36);
375 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
377 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
385 notify all my direct connections of a new host
386 that was added to the vpn, with the exception
387 of the source of the announcement.
/*
 * Walk conn_list and select every entry that is an active meta connection and
 * is neither `new` (the host the announcement is about) nor `source` (the peer
 * the announcement came from), so news is not echoed back to its origin.
 * `function` is the sender to apply, e.g. send_add_host or send_del_host; the
 * line that invokes it is not part of this listing.
 */
389 int notify_others(conn_list_t *new, conn_list_t *source,
390 int (*function)(conn_list_t*, conn_list_t*))
394 for(p = conn_list; p != NULL; p = p->next)
395 if(p != new && p != source && p->status.meta && p->status.active)
402 notify one connection of everything
/*
 * Bring a newly connected peer up to date: send it an ADD_HOST for every other
 * active entry in conn_list.
 *
 * NOTE(review): every active entry is disclosed to `new`, so this must only
 * run for a peer that has completed authentication - confirm at the call
 * sites. The result of send_add_host() is ignored.
 */
405 int notify_one(conn_list_t *new)
409 for(p = conn_list; p != NULL; p = p->next)
410 if(p != new && p->status.active)
411 send_add_host(new, p);
417 The incoming request handlers
/*
 * Handle an incoming BASIC_INFO request, the peer's self-description.
 *
 * Parses protocol version, vpn_ip/vpn_mask, port and flags from cl->buffer
 * straight into cl, resolves a name for the claimed vpn_ip, rejects peers
 * whose protocol version differs from PROT_CURRENT, and then calls
 * setup_vpn_connection(). For an outgoing connection whose vpn_ip is already
 * in the connection list, the outgoing role is handed to the existing entry
 * and the new connection is terminated.
 *
 * NOTE(review): no cl->status.active test is visible here, unlike the later
 * handlers, so every field parsed below is unauthenticated peer input. In
 * particular vpn_ip is only a claim at this point, yet it is used for a host
 * lookup and for the duplicate check. The behaviour of hostlookup() (for
 * example whether it blocks on DNS) is not shown in this file - confirm.
 */
420 int basic_info_h(conn_list_t *cl)
425 syslog(LOG_DEBUG, _("Got BASIC_INFO from %s"), cl->real_hostname);
/* NOTE(review): "%lx", "%hx" and "%d" must match the declared types of the
 * cl fields exactly; those declarations are not in this listing - confirm. */
427 if(sscanf(cl->buffer, "%*d %d %lx/%lx:%hx %d", &cl->protocol_version, &cl->vpn_ip, &cl->vpn_mask, &cl->port, &cl->flags) != 5)
429 syslog(LOG_ERR, _("Got bad BASIC_INFO from %s"),
434 cl->vpn_hostname = hostlookup(htonl(cl->vpn_ip));
436 if(cl->protocol_version != PROT_CURRENT)
438 syslog(LOG_ERR, _("Peer uses incompatible protocol version %d"),
439 cl->protocol_version);
443 if(cl->status.outgoing)
445 /* First check if the host we connected to is already in our
446 connection list. If so, we are probably making a loop, which
450 if((old=lookup_conn(cl->vpn_ip)))
453 syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"),
454 cl->vpn_hostname, cl->real_hostname);
455 cl->status.outgoing = 0;
456 old->status.outgoing = 1;
457 terminate_connection(cl);
461 if(setup_vpn_connection(cl) < 0)
468 if(setup_vpn_connection(cl) < 0)
/*
 * Handle an incoming PASSPHRASE request: store the peer's phrase and its
 * length in a freshly allocated cl->pp. What happens next depends on
 * cl->status.outgoing; those lines are not part of this listing.
 *
 * NOTE(review): this runs before the peer is authenticated. cl->pp is
 * allocated on every call and no release of a previous cl->pp is visible, so a
 * peer that repeats PASSPHRASE may grow memory use - confirm. The phrase
 * length is bounded only by whatever limits cl->buffer.
 */
476 int passphrase_h(conn_list_t *cl)
479 cl->pp = xmalloc(sizeof(*(cl->pp)));
/* "%as" is the GNU allocating form: sscanf() mallocs the string and stores the
 * pointer. C99 defines %a as a floating-point conversion, so this depends on
 * the C library in use; POSIX.1-2008 spells the same thing "%ms". */
481 if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
483 syslog(LOG_ERR, _("Got bad PASSPHRASE from %s (%s)"),
484 cl->vpn_hostname, cl->real_hostname);
487 cl->pp->len = strlen(cl->pp->phrase);
490 syslog(LOG_DEBUG, _("Got PASSPHRASE from %s (%s)"),
491 cl->vpn_hostname, cl->real_hostname);
493 if(cl->status.outgoing)
/*
 * Handle an incoming PUBLIC_KEY request; this is where the peer is
 * authenticated.
 *
 * The key string is parsed into g_n and handed to verify_passphrase(); a
 * non-zero result is logged as an intruder. After verification, any existing
 * entry with the same vpn_ip is treated as stale and terminated, the
 * connection is marked active, and the other peers are told about the new
 * host.
 *
 * NOTE(review):
 *  - "%as" is the GNU allocating sscanf form (POSIX spells it "%ms"); whether
 *    g_n is freed on every path is not visible in this listing - confirm.
 *  - No check is visible that a PASSPHRASE was received first (cl->pp set)
 *    before verify_passphrase() runs - confirm.
 *  - The stale-entry loop relies on lookup_conn() no longer returning an entry
 *    once terminate_connection() has run on it, and on it never returning cl
 *    itself; otherwise it would not terminate or would drop the new
 *    connection - confirm.
 *  - The "Intruder" message is the main detection signal for a failed
 *    handshake; it records both the real and the claimed VPN host name.
 */
501 int public_key_h(conn_list_t *cl)
506 if(sscanf(cl->buffer, "%*d %as", &g_n) != 1)
508 syslog(LOG_ERR, _("Got bad PUBLIC_KEY from %s (%s)"),
509 cl->vpn_hostname, cl->real_hostname);
514 syslog(LOG_DEBUG, _("Got PUBLIC_KEY from %s (%s)"),
515 cl->vpn_hostname, cl->real_hostname);
517 if(verify_passphrase(cl, g_n))
520 syslog(LOG_ERR, _("Intruder from %s: passphrase for %s does not match!"),
521 cl->real_hostname, cl->vpn_hostname);
525 if(cl->status.outgoing)
531 /* Okay, before we active the connection, we check if there is another entry
532 in the connection list with the same vpn_ip. If so, it presumably is an
533 old connection that has timed out but we don't know it yet.
536 while((old = lookup_conn(cl->vpn_ip)))
539 syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
540 cl->vpn_hostname, old->real_hostname, cl->real_hostname);
541 old->status.active = 0;
542 terminate_connection(old);
545 cl->status.active = 1;
548 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
549 cl->vpn_hostname, cl->real_hostname);
551 notify_others(cl, NULL, send_add_host);
/*
 * Handle an incoming ACK: mark the connection active and announce the peer to
 * all other active meta connections.
 *
 * NOTE(review): status.active is the flag every later handler uses to decide
 * whether a request is "unauthorized". In the lines shown it is set as soon as
 * an ACK arrives, with no test of handshake state. Unless a check exists in
 * the lines absent from this listing, a peer that has not passed the
 * passphrase/public-key exchange could become active by sending ACK alone.
 * Confirm that ACK is only honoured on a connection whose verification has
 * already completed, and reject it otherwise.
 */
558 int ack_h(conn_list_t *cl)
562 syslog(LOG_DEBUG, _("Got ACK from %s (%s)"),
563 cl->vpn_hostname, cl->real_hostname);
565 cl->status.active = 1;
568 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
569 cl->vpn_hostname, cl->real_hostname);
571 notify_others(cl, NULL, send_add_host);
/*
 * Handle an incoming TERMREQ: the peer asks to end the connection.
 *
 * A request from a connection that is not active is logged as unauthorized.
 * Otherwise the termreq status bit is set and the connection is terminated.
 * The vpn_ip carried in the request is not parsed in the lines shown.
 */
579 int termreq_h(conn_list_t *cl)
582 if(!cl->status.active)
584 syslog(LOG_ERR, _("Got unauthorized TERMREQ from %s (%s)"),
585 cl->vpn_hostname, cl->real_hostname);
590 syslog(LOG_DEBUG, _("Got TERMREQ from %s (%s)"),
591 cl->vpn_hostname, cl->real_hostname);
593 cl->status.termreq = 1;
595 terminate_connection(cl);
/*
 * Handle an incoming TIMEOUT: the peer reports that we failed to answer its
 * ping in time.
 *
 * A request from a connection that is not active is logged as unauthorized.
 * Otherwise the connection is flagged with termreq and terminated, the same
 * way termreq_h() does.
 */
600 int timeout_h(conn_list_t *cl)
603 if(!cl->status.active)
605 syslog(LOG_ERR, _("Got unauthorized TIMEOUT from %s (%s)"),
606 cl->vpn_hostname, cl->real_hostname);
611 syslog(LOG_DEBUG, _("Got TIMEOUT from %s (%s)"),
612 cl->vpn_hostname, cl->real_hostname);
614 cl->status.termreq = 1;
615 terminate_connection(cl);
/*
 * Handle an incoming DEL_HOST: a peer reports that the host with the given
 * vpn_ip has left the VPN.
 *
 * Requires an active connection, parses the address, looks up the entry,
 * forwards the deletion to the other peers, and terminates the entry. A
 * DEL_HOST naming our own vpn_ip is logged with a "restarting" warning.
 *
 * NOTE(review): the only authorization visible is that cl is active. Nothing
 * shown ties the deleted entry to the sender (for example a test that cl is
 * the route through which fw was learned), so any active peer can remove any
 * known host, and a DEL_HOST for our own address reaches the restart path.
 * Both are availability risks that depend entirely on trusting every
 * authenticated peer - confirm this matches the intended trust model. The
 * unauthorized/bad/unknown-host messages are useful detection signals.
 */
620 int del_host_h(conn_list_t *cl)
625 if(!cl->status.active)
627 syslog(LOG_ERR, _("Got unauthorized DEL_HOST from %s (%s)"),
628 cl->vpn_hostname, cl->real_hostname);
632 if(sscanf(cl->buffer, "%*d %lx", &vpn_ip) != 1)
634 syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"),
635 cl->vpn_hostname, cl->real_hostname);
639 if(!(fw = lookup_conn(vpn_ip)))
641 syslog(LOG_ERR, _("Got DEL_HOST for %d.%d.%d.%d from %s (%s) which does not exist?"),
642 IP_ADDR_V(vpn_ip), cl->vpn_hostname, cl->real_hostname);
646 /* Connections lists are really messed up if this happens */
647 if(vpn_ip == myself->vpn_ip)
649 syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"),
650 cl->vpn_hostname, cl->real_hostname);
656 syslog(LOG_DEBUG, _("Got DEL_HOST for %s (%s) from %s (%s)"),
657 fw->vpn_hostname, fw->real_hostname, cl->vpn_hostname, cl->real_hostname);
/* Propagate first, excluding the sender, then drop the entry locally. */
659 notify_others(fw, cl, send_del_host);
661 fw->status.termreq = 1;
662 fw->status.active = 0;
664 terminate_connection(fw);
/*
 * Handle an incoming PACKET request: a data packet tunnelled over the TCP
 * meta connection.
 *
 * Requires an active connection, parses the announced payload length, reads
 * the payload from the meta socket into rp, converts the header fields from
 * network byte order, looks up the originating host, and either processes the
 * packet (valid key) or queues it and asks for the sender's key.
 *
 * NOTE(review): len, rp.len, rp.data.len and rp.from are all peer-supplied.
 * The conditions guarding several of the messages below are absent from this
 * listing, so each bound mentioned in the inline notes needs confirming
 * against the full source.
 */
669 int tcppacket_h(conn_list_t *cl)
672 int len, count = 0, result;
675 if(!cl->status.active)
677 syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
678 cl->vpn_hostname, cl->real_hostname);
682 if(sscanf(cl->buffer, "%*d %d", &len) != 1)
684 syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
685 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): len is a signed int; confirm the size test guarding this
 * message also rejects len <= 0 and allows no more than sizeof(rp). */
691 syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
692 cl->vpn_hostname, cl->real_hostname);
696 /* Evil kludge comming up */
/* NOTE(review): &rp+count is arithmetic on a pointer to the whole rp object,
 * so it advances in units of sizeof(rp), not bytes. If count is the number of
 * bytes received so far, any non-zero value places the read outside rp. The
 * length argument is also len, not the number of bytes still missing. The
 * byte-wise form would be (char *)&rp + count with len - count. */
699 result=read(cl->meta_socket,&rp+count,len);
702 syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s): %m"),
703 cl->vpn_hostname, cl->real_hostname);
711 syslog(LOG_DEBUG, _("Got PACKET length %d from %s (%s)"), len,
712 cl->vpn_hostname, cl->real_hostname);
714 total_socket_in += len;
/* Header fields arrive in network byte order. */
716 rp.data.len = ntohs(rp.data.len);
717 rp.len = ntohs(rp.len);
718 rp.from = ntohl(rp.from);
722 f = lookup_conn(rp.from);
725 syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
726 cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
730 if(f->status.validkey)
/* NOTE(review): rp.len comes from the packet itself; no comparison with the
 * number of bytes actually read (len) is visible before it is used as the
 * queued size - confirm. */
734 add_queue(&(f->rq), &rp, rp.len);
/* NOTE(review): this tests waitingforkey on the relaying connection cl, while
 * send_key_request() sets the flag on the entry for the address it is given
 * (rp.from here) - confirm which entry is meant. */
735 if(!cl->status.waitingforkey)
736 send_key_request(rp.from);
739 if(my_key_expiry <= time(NULL))
/*
 * Handle an incoming PING from an active peer.
 *
 * A PING on a connection that is not active is logged as unauthorized.
 * Otherwise the peer is evidently alive, so the pinged flag is cleared and
 * got_pong is set. The reply is not part of the lines shown.
 */
747 int ping_h(conn_list_t *cl)
750 if(!cl->status.active)
752 syslog(LOG_ERR, _("Got unauthorized PING from %s (%s)"),
753 cl->vpn_hostname, cl->real_hostname);
758 syslog(LOG_DEBUG, _("Got PING from %s (%s)"),
759 cl->vpn_hostname, cl->real_hostname);
761 cl->status.pinged = 0;
762 cl->status.got_pong = 1;
/*
 * Handle an incoming PONG from an active peer by recording that the reply
 * arrived (status.got_pong). A PONG on a connection that is not active is
 * logged as unauthorized.
 */
769 int pong_h(conn_list_t *cl)
772 if(!cl->status.active)
774 syslog(LOG_ERR, _("Got unauthorized PONG from %s (%s)"),
775 cl->vpn_hostname, cl->real_hostname);
780 syslog(LOG_DEBUG, _("Got PONG from %s (%s)"),
781 cl->vpn_hostname, cl->real_hostname);
783 cl->status.got_pong = 1;
/*
 * Handle an incoming ADD_HOST: a peer announces another host on the VPN.
 *
 * Requires an active connection and parses real_ip, vpn_ip/vpn_mask, port and
 * flags. An identical existing entry is treated as a duplicate and skipped; a
 * differing entry for the same vpn_ip is terminated and replaced. A new
 * conn_list entry is then created, linked into the list, marked active, and
 * announced to the other peers.
 *
 * NOTE(review): the announced host becomes active purely on the word of the
 * announcing peer; no proof from the host itself is involved in the lines
 * shown. Because a differing announcement replaces the existing entry for a
 * vpn_ip, every authenticated peer is trusted to describe routes for all
 * addresses, and an ADD_HOST naming our own address reaches the restart path.
 * Confirm this matches the intended trust model. hostlookup() is called on
 * both peer-supplied addresses; its behaviour is not shown in this file.
 */
788 int add_host_h(conn_list_t *cl)
795 conn_list_t *ncn, *old;
797 if(!cl->status.active)
799 syslog(LOG_ERR, _("Got unauthorized ADD_HOST from %s (%s)"),
800 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): the conversions must match the declared types of the five
 * locals exactly; their declarations are not in this listing - confirm. */
804 if(sscanf(cl->buffer, "%*d %lx %lx/%lx:%hx %d", &real_ip, &vpn_ip, &vpn_mask, &port, &flags) != 5)
806 syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"),
807 cl->vpn_hostname, cl->real_hostname);
811 if((old = lookup_conn(vpn_ip)))
/* flags is not part of the duplicate test. */
813 if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port))
816 syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"),
817 old->vpn_hostname, old->real_hostname, cl->vpn_hostname, cl->real_hostname);
818 goto skip_add_host; /* One goto a day keeps the deeply nested if constructions away. */
823 syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"),
824 old->vpn_hostname, old->real_hostname);
825 old->status.active = 0;
826 terminate_connection(old);
830 /* Connections lists are really messed up if this happens */
831 if(vpn_ip == myself->vpn_ip)
833 syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"),
834 cl->vpn_hostname, cl->real_hostname);
/* Build the new entry from the announced values. */
839 ncn = new_conn_list();
840 ncn->real_ip = real_ip;
841 ncn->real_hostname = hostlookup(htonl(real_ip));
842 ncn->vpn_ip = vpn_ip;
843 ncn->vpn_mask = vpn_mask;
844 ncn->vpn_hostname = hostlookup(htonl(vpn_ip));
848 ncn->next = conn_list;
850 ncn->status.active = 1;
853 syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"),
854 ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname);
/* Pass the news on to everyone except the peer it came from. */
856 notify_others(ncn, cl, send_add_host);
/*
 * Handle an incoming REQ_KEY: host `from` asks host `to` for its key.
 *
 * Requires an active connection. If `to` lies in our own subnet the request is
 * answered with send_key_answer(); otherwise the original request text is
 * forwarded unchanged to the nexthop of the destination entry.
 *
 * NOTE(review): `from` is taken from the request and is not compared with the
 * identity of the connection it arrived on, so the answer is routed to
 * whatever address the request names. The test guarding the "does not exist?"
 * message is not in this listing; confirm fw and fw->nexthop are checked
 * before use.
 */
863 int req_key_h(conn_list_t *cl)
869 if(!cl->status.active)
871 syslog(LOG_ERR, _("Got unauthorized REQ_KEY from %s (%s)"),
872 cl->vpn_hostname, cl->real_hostname);
876 if(sscanf(cl->buffer, "%*d %lx %lx", &to, &from) != 2)
878 syslog(LOG_ERR, _("Got bad REQ_KEY from %s (%s)"),
879 cl->vpn_hostname, cl->real_hostname);
884 syslog(LOG_DEBUG, _("Got REQ_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
885 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
/* The match is on the whole subnet, not only on our exact address. */
887 if((to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
888 { /* hey! they want something from ME! :) */
889 send_key_answer(cl, from);
893 fw = lookup_conn(to);
897 syslog(LOG_ERR, _("Attempting to forward REQ_KEY to %d.%d.%d.%d, which does not exist?"),
903 syslog(LOG_DEBUG, _("Forwarding REQ_KEY to %s (%s)"),
904 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Presumably restores the line terminator that request parsing replaced;
 * assumes cl->reqlen >= 1 - confirm against the reader of cl->buffer. */
906 cl->buffer[cl->reqlen-1] = '\n';
908 if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0)
910 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Store a peer's public key on cl and derive the shared key from it.
 *
 * Copies `key` and `expiry` into cl->public_key, replacing any earlier copy,
 * then calls make_shared_key(key) and copies its result into cl->key with the
 * same expiry.
 *
 * NOTE(review):
 *  - The old key string is released with plain free(); key material is not
 *    cleared before the memory is returned.
 *  - Whether the string returned by make_shared_key() can be NULL, and who
 *    owns and frees it, is not visible in this listing - confirm.
 *  - The conditions around the allocations are absent from this listing.
 */
917 void set_keys(conn_list_t *cl, int expiry, char *key)
/* NOTE(review): the size is taken from *cl->key although the pointer assigned
 * is cl->public_key; correct only if both have the same type - confirm. */
923 cl->public_key = xmalloc(sizeof(*cl->key));
924 cl->public_key->key = NULL;
927 if(cl->public_key->key)
928 free(cl->public_key->key);
929 cl->public_key->length = strlen(key);
930 cl->public_key->expiry = expiry;
/* Destination is sized from strlen(key) + 1, so the strcpy() below fits. */
931 cl->public_key->key = xmalloc(cl->public_key->length + 1);
932 strcpy(cl->public_key->key, key);
934 ek = make_shared_key(key);
938 cl->key = xmalloc(sizeof(*cl->key));
945 cl->key->length = strlen(ek);
946 cl->key->expiry = expiry;
947 cl->key->key = xmalloc(cl->key->length + 1);
948 strcpy(cl->key->key, ek);
/*
 * Handle an incoming ANS_KEY: host `from` delivers its key, with an expiry
 * time, to host `to`.
 *
 * Requires an active connection. If the answer is addressed to us, the key is
 * installed on the entry for `from` with set_keys() and that entry is marked
 * as holding a valid key. Otherwise the original request text is forwarded
 * unchanged to the nexthop of the destination entry.
 *
 * NOTE(review):
 *  - The key is accepted from whichever active peer relays the message; the
 *    lines shown contain no check that it really originates from `from`, nor
 *    that a key was requested from that host. Every relaying peer is therefore
 *    trusted with key distribution - confirm this matches the trust model.
 *  - "%as" is the GNU allocating sscanf form (POSIX spells it "%ms"); whether
 *    `key` is freed on every path is not visible in this listing - confirm.
 *  - expiry is peer-supplied and stored as given.
 */
952 int ans_key_h(conn_list_t *cl)
958 conn_list_t *fw, *gk;
960 if(!cl->status.active)
962 syslog(LOG_ERR, _("Got unauthorized ANS_KEY from %s (%s)"),
963 cl->vpn_hostname, cl->real_hostname);
967 if(sscanf(cl->buffer, "%*d %lx %lx %d %as", &to, &from, &expiry, &key) != 4)
969 syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
970 cl->vpn_hostname, cl->real_hostname);
975 syslog(LOG_DEBUG, _("Got ANS_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
976 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
/* Unlike req_key_h(), this compares the exact address, not the subnet. */
978 if(to == myself->vpn_ip)
979 { /* hey! that key's for ME! :) */
980 gk = lookup_conn(from);
984 syslog(LOG_ERR, _("Receiving ANS_KEY origin %d.%d.%d.%d from %s (%s), which does not exist?"),
985 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
989 set_keys(gk, expiry, key);
990 gk->status.validkey = 1;
991 gk->status.waitingforkey = 0;
996 fw = lookup_conn(to);
1000 syslog(LOG_ERR, _("Attempting to forward ANS_KEY to %d.%d.%d.%d, which does not exist?"),
1006 syslog(LOG_DEBUG, _("Forwarding ANS_KEY to %s (%s)"),
1007 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Presumably restores the line terminator that request parsing replaced;
 * assumes cl->reqlen >= 1 - confirm against the reader of cl->buffer. */
1009 cl->buffer[cl->reqlen-1] = '\n';
1011 if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0)
1013 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Handle an incoming KEY_CHANGED: host `from` has replaced its key.
 *
 * Requires an active connection. The cached key state for `from` is
 * invalidated (validkey and waitingforkey cleared) and the notice is passed
 * on to the other peers, excluding the one it came from.
 *
 * NOTE(review): `from` is not compared with the sending connection, so any
 * active peer can invalidate the cached key of any known host and have that
 * propagated. This forces re-keying rather than exposing key material, but
 * it is an availability lever that relies on trusting every authenticated
 * peer - confirm. The "does not exist?" message is a useful detection signal.
 */
1020 int key_changed_h(conn_list_t *cl)
1025 if(!cl->status.active)
1027 syslog(LOG_ERR, _("Got unauthorized KEY_CHANGED from %s (%s)"),
1028 cl->vpn_hostname, cl->real_hostname);
1032 if(sscanf(cl->buffer, "%*d %lx", &from) != 1)
1034 syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"),
1035 cl->vpn_hostname, cl->real_hostname);
1039 ik = lookup_conn(from);
1043 syslog(LOG_ERR, _("Got KEY_CHANGED origin %d.%d.%d.%d from %s (%s), which does not exist?"),
1044 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
1049 syslog(LOG_DEBUG, _("Got KEY_CHANGED origin %s from %s (%s)"),
1050 ik->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
1052 ik->status.validkey = 0;
1053 ik->status.waitingforkey = 0;
1055 notify_others(ik, cl, send_key_changed);
1060 int (*request_handlers[256])(conn_list_t*) = {
1061 0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
1062 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1063 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1064 termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
1065 ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
1066 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1067 add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
1068 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1069 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1070 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1071 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1072 tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1073 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1074 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1075 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1076 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1077 req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
1078 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1079 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1080 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1081 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1082 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1083 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1084 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1085 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,