along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol.c,v 1.28.4.17 2000/06/29 19:47:03 guus Exp $
+ $Id: protocol.c,v 1.28.4.23 2000/08/08 13:47:57 guus Exp $
*/
#include "config.h"
#include <utils.h>
#include <xalloc.h>
+#include <netinet/in.h>
+
#include "conf.h"
#include "encr.h"
#include "net.h"
return 0;
}
+/* Evil hack - TCP tunneling is bad */
+int send_tcppacket(conn_list_t *cl, void *data, int len)
+{
+cp
+ if(debug_lvl > 3)
+ syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
+ cl->vpn_hostname, cl->real_hostname);
+
+ buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
+
+ if((write(cl->meta_socket, buffer, buflen)) != buflen)
+ {
+ syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
+ return -1;
+ }
+
+ if((write(cl->meta_socket, data, len)) != len)
+ {
+ syslog(LOG_ERR, _("Sending PACKET data failed: %s:%d: %m"), __FILE__, __LINE__);
+ return -1;
+ }
+
+cp
+ return 0;
+}
+
int send_ping(conn_list_t *cl)
{
cp
is not desirable.
*/
- if(old=lookup_conn(cl->vpn_ip))
+ if((old=lookup_conn(cl->vpn_ip)))
{
if(debug_lvl>0)
syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"),
old connection that has timed out but we don't know it yet.
*/
- while(old = lookup_conn(cl->vpn_ip))
+ while((old = lookup_conn(cl->vpn_ip)))
{
- syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
+ if(debug_lvl > 1)
+ syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
cl->vpn_hostname, old->real_hostname, cl->real_hostname);
old->status.active = 0;
terminate_connection(old);
cl->status.active = 1;
- syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
+ if(debug_lvl > 0)
+ syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
cl->vpn_hostname, cl->real_hostname);
notify_others(cl, NULL, send_add_host);
return 0;
}
+ /* Connections lists are really messed up if this happens */
+ if(vpn_ip == myself->vpn_ip)
+ {
+ syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"),
+ cl->vpn_hostname, cl->real_hostname);
+ sighup = 1;
+ return 0;
+ }
+
if(debug_lvl > 1)
syslog(LOG_DEBUG, _("Got DEL_HOST for %s (%s) from %s (%s)"),
fw->vpn_hostname, fw->real_hostname, cl->vpn_hostname, cl->real_hostname);
return 0;
}
+int tcppacket_h(conn_list_t *cl)
+{
+ real_packet_t rp;
+ int len, count = 0, result;
+ conn_list_t *f;
+cp
+ if(!cl->status.active)
+ {
+ syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
+ cl->vpn_hostname, cl->real_hostname);
+ return -1;
+ }
+
+ if(sscanf(cl->buffer, "%*d %d", &len) != 1)
+ {
+ syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
+ cl->vpn_hostname, cl->real_hostname);
+ return -1;
+ }
+
+ if(len > MTU)
+ {
+ syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
+ cl->vpn_hostname, cl->real_hostname);
+ return -1;
+ }
+
+ if(debug_lvl > 3)
+ syslog(LOG_DEBUG, _("Got PACKET length %d from %s (%s)"), len,
+ cl->vpn_hostname, cl->real_hostname);
+
+ /* Evil kludge comming up */
+ while(len)
+ {
+ if(debug_lvl > 3)
+ syslog(LOG_DEBUG, _("Direct read count=%d len=%d rp=%p socket=%d"), count, len, ((char *)&rp)+count, cl->meta_socket);
+
+ result=read(cl->meta_socket,((char *)&rp)+count,len);
+ if(result<0)
+ {
+ syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s): %m"),
+ cl->vpn_hostname, cl->real_hostname);
+ return -1;
+ }
+ count+=result;
+ len-=result;
+ }
+
+ total_socket_in += len;
+
+ rp.data.len = ntohs(rp.data.len);
+ rp.len = ntohs(rp.len);
+ rp.from = ntohl(rp.from);
+
+ if(rp.len >= 0)
+ {
+ f = lookup_conn(rp.from);
+ if(!f)
+ {
+ syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
+ cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
+ return -1;
+ }
+
+ if(f->status.validkey)
+ xrecv(f, &rp);
+ else
+ {
+/* add_queue(&(f->rq), &rp, rp.len); We can't do this since rp is on the stack */
+ if(!cl->status.waitingforkey)
+ send_key_request(rp.from);
+ }
+
+ if(my_key_expiry <= time(NULL))
+ regenerate_keys();
+ }
+cp
+ return 0;
+}
+
+
int ping_h(conn_list_t *cl)
{
cp
return -1;
}
- if(old = lookup_conn(vpn_ip))
+ if((old = lookup_conn(vpn_ip)))
{
if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port))
{
terminate_connection(old);
}
}
+
+ /* Connections lists are really messed up if this happens */
+ if(vpn_ip == myself->vpn_ip)
+ {
+ syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"),
+ cl->vpn_hostname, cl->real_hostname);
+ sighup = 1;
+ return 0;
+ }
ncn = new_conn_list();
ncn->real_ip = real_ip;
syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"),
ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname);
-skip_add_host:
-
notify_others(ncn, cl, send_add_host);
+
+skip_add_host:
cp
return 0;
}
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0
};