Add configurable experation time for invitations.

[tinc] / src / net_setup.c

diff --git a/src/net_setup.c b/src/net_setup.c
index b0a0c95..e164214 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2016 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2017 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -48,7 +48,6 @@
 #endif
 
 char *myport;
-static char *myname;
 static io_t device_io;
 devops_t devops;
 bool device_standby = false;
@@ -612,6 +611,9 @@ bool setup_myself_reloadable(void) {
 
        get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers);
 
+       if(!get_config_int(lookup_config(config_tree, "InvitationExpire"), &invitation_lifetime))
+               invitation_lifetime = 604800; // 1 week
+
        read_invitation_key();
 
        return true;
@@ -705,29 +707,17 @@ void device_enable(void) {
 
        /* Run tinc-up script to further initialize the tap interface */
 
-       char *envp[5] = {NULL};
-       xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
-       xasprintf(&envp[1], "DEVICE=%s", device ? : "");
-       xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
-       xasprintf(&envp[3], "NAME=%s", myname);
-
-       execute_script("tinc-up", envp);
-
-       for(int i = 0; i < 4; i++)
-               free(envp[i]);
+       environment_t env;
+       environment_init(&env);
+       execute_script("tinc-up", &env);
+       environment_exit(&env);
 }
 
 void device_disable(void) {
-       char *envp[5] = {NULL};
-       xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
-       xasprintf(&envp[1], "DEVICE=%s", device ? : "");
-       xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
-       xasprintf(&envp[3], "NAME=%s", myname);
-
-       execute_script("tinc-down", envp);
-
-       for(int i = 0; i < 4; i++)
-               free(envp[i]);
+       environment_t env;
+       environment_init(&env);
+       execute_script("tinc-down", &env);
+       environment_exit(&env);
 
        if (devops.disable)
                devops.disable();
@@ -857,7 +847,7 @@ static bool setup_myself(void) {
        /* Generate packet encryption key */
 
        if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
-               cipher = xstrdup("blowfish");
+               cipher = xstrdup("aes-256-cbc");
 
        if(!strcasecmp(cipher, "none")) {
                myself->incipher = NULL;
@@ -881,7 +871,7 @@ static bool setup_myself(void) {
        }
 
        if(!get_config_string(lookup_config(config_tree, "Digest"), &digest))
-               digest = xstrdup("sha1");
+               digest = xstrdup("sha256");
 
        if(!strcasecmp(digest, "none")) {
                myself->indigest = NULL;
@@ -929,6 +919,8 @@ static bool setup_myself(void) {
                        devops = raw_socket_devops;
                else if(!strcasecmp(type, "multicast"))
                        devops = multicast_devops;
+               else if(!strcasecmp(type, "fd"))
+                       devops = fd_devops;
 #ifdef ENABLE_UML
                else if(!strcasecmp(type, "uml"))
                        devops = uml_devops;
@@ -1148,7 +1140,6 @@ void close_network_connections(void) {
 
        exit_control();
 
-       free(myname);
        free(scriptextension);
        free(scriptinterpreter);