X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=00fbdc5adc56651b302a31626f0a3ad1d778c464;hp=2e84a72462f4ae6f4c2406c5412e7b3f3cbeac60;hb=12f6b80429bc05a828051d72cc46f173e4657180;hpb=5d3450357482176ce92ed4832ec944519d197744 diff --git a/src/net.c b/src/net.c index 2e84a724..00fbdc5a 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.117 2001/06/29 10:30:18 guus Exp $ + $Id: net.c,v 1.35.4.123 2001/07/20 20:25:10 guus Exp $ */ #include "config.h" @@ -45,32 +45,24 @@ #include #include -#ifdef HAVE_OPENSSL_RAND_H -# include -#else -# include -#endif - -#ifdef HAVE_OPENSSL_EVP_H -# include -#else -# include -#endif +#include +#include +#include -#ifdef HAVE_OPENSSL_ERR_H -# include -#else -# include -#endif - -#ifdef HAVE_OPENSSL_PEM_H -# include -#else -# include +#ifndef HAVE_RAND_PSEUDO_BYTES +#define RAND_pseudo_bytes RAND_bytes #endif #ifdef HAVE_TUNTAP -#include LINUX_IF_TUN_H + #ifdef HAVE_LINUX + #ifdef LINUX_IF_TUN_H + #include LINUX_IF_TUN_H + #else + #include + #endif + #else + #include + #endif #endif #include @@ -134,7 +126,7 @@ cp /* Encrypt the packet. */ - RAND_bytes(inpkt->salt, sizeof(inpkt->salt)); + RAND_pseudo_bytes(inpkt->salt, sizeof(inpkt->salt)); EVP_EncryptInit(&ctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktkey + cl->cipher_pkttype->key_len); EVP_EncryptUpdate(&ctx, outpkt.salt, &outlen, inpkt->salt, inpkt->len + sizeof(inpkt->salt)); @@ -261,7 +253,7 @@ cp send_udppacket(cl, packet); } -/* Broadcast a packet to all active connections */ +/* Broadcast a packet to all active direct connections */ void broadcast_packet(connection_t *from, vpn_packet_t *packet) { @@ -275,7 +267,7 @@ cp for(node = connection_tree->head; node; node = node->next) { cl = (connection_t *)node->data; - if(cl->status.meta && cl != from) + if(cl->status.active && cl != from) send_packet(cl, packet); } cp @@ -344,12 +336,12 @@ cp /* Set default MAC address for ethertap devices */ mymac.type = SUBNET_MAC; - mymac.net.mac.address.x[0] = 0xff; - mymac.net.mac.address.x[1] = 0xff; - mymac.net.mac.address.x[2] = 0xff; - mymac.net.mac.address.x[3] = 0xff; - mymac.net.mac.address.x[4] = 0xff; - mymac.net.mac.address.x[5] = 0xff; + mymac.net.mac.address.x[0] = 0xfe; + mymac.net.mac.address.x[1] = 0xfd; + mymac.net.mac.address.x[2] = 0x00; + mymac.net.mac.address.x[3] = 0x00; + mymac.net.mac.address.x[4] = 0x00; + mymac.net.mac.address.x[5] = 0x00; #ifdef HAVE_LINUX #ifdef HAVE_TUNTAP @@ -366,8 +358,7 @@ cp taptype = TAP_TYPE_TUNTAP; } #endif -#endif -#ifdef HAVE_FREEBSD +#else taptype = TAP_TYPE_TUNTAP; #endif cp @@ -577,7 +568,7 @@ cp */ int setup_outgoing_connection(char *name) { - connection_t *ncn; + connection_t *ncn, *old; struct hostent *h; config_t const *cfg; cp @@ -587,6 +578,16 @@ cp return -1; } + /* Make sure we don't make an outgoing connection to a host that is already in our connection list */ + + if((old = lookup_id(name))) + { + if(debug_lvl >= DEBUG_CONNECTIONS) + syslog(LOG_NOTICE, _("We are already connected to %s."), name); + old->status.outgoing = 1; + return 0; + } + ncn = new_connection(); asprintf(&ncn->name, "%s", name); @@ -884,10 +885,10 @@ cp keyexpires = time(NULL) + keylifetime; cp - - /* Activate ourselves */ + /* Done */ myself->status.active = 1; + id_add(myself); syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port); cp @@ -1000,30 +1001,24 @@ cp */ void close_network_connections(void) { - avl_node_t *node; + avl_node_t *node, *next; connection_t *p; cp - for(node = connection_tree->head; node; node = node->next) + for(node = connection_tree->head; node; node = next) { + next = node->next; p = (connection_t *)node->data; p->status.outgoing = 0; - p->status.active = 0; terminate_connection(p); } - if(myself) - if(myself->status.active) - { - close(myself->meta_socket); - free_connection(myself); - myself = NULL; - } + terminate_connection(myself); + + destroy_trees(); execute_script("tinc-down"); close(tap_fd); - - destroy_connection_tree(); cp return; } @@ -1082,8 +1077,7 @@ cp for(node = connection_tree->head; node; node = node->next) { p = (connection_t *)node->data; - if(p->status.meta) - FD_SET(p->meta_socket, fs); + FD_SET(p->meta_socket, fs); } FD_SET(myself->meta_socket, fs); @@ -1122,7 +1116,7 @@ cp return; } - cl = lookup_connection(ntohl(from.sin_addr.s_addr), ntohs(from.sin_port)); + cl = lookup_active(ntohl(from.sin_addr.s_addr), ntohs(from.sin_port)); if(!cl) { @@ -1137,8 +1131,11 @@ cp } /* - terminate a connection and notify the other - end before closing the sockets + Terminate a connection: + - Close the sockets + - Remove associated hosts and subnets + - Deactivate the host + - Since it might still be referenced, put it on the prune list. */ void terminate_connection(connection_t *cl) { @@ -1148,26 +1145,26 @@ void terminate_connection(connection_t *cl) cp if(cl->status.remove) return; - - if(debug_lvl >= DEBUG_CONNECTIONS) - syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), - cl->name, cl->hostname); - - cl->status.remove = 1; + else + cl->status.remove = 1; if(cl->socket) close(cl->socket); - if(cl->status.meta) - close(cl->meta_socket); if(cl->status.meta) { + if(debug_lvl >= DEBUG_CONNECTIONS) + syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), + cl->name, cl->hostname); + + close(cl->meta_socket); /* Find all connections that were lost because they were behind cl (the connection that was dropped). */ - for(node = connection_tree->head; node; node = node->next) + for(node = active_tree->head; node; node = next) { + next = node->next; p = (connection_t *)node->data; if(p->nexthop == cl && p != cl) terminate_connection(p); @@ -1179,7 +1176,7 @@ cp for(node = connection_tree->head; node; node = node->next) { p = (connection_t *)node->data; - if(p->status.meta && p->status.active && p != cl) + if(p->status.active && p != cl) send_del_host(p, cl); /* Sounds like recursion, but p does not have a meta connection :) */ } } @@ -1202,11 +1199,11 @@ cp alarm(seconds_till_retry); syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry); } - - /* Deactivate */ - - cl->status.active = 0; cp + /* Schedule it for pruning */ + + prune_add(cl); + connection_del(cl); } /* @@ -1228,7 +1225,7 @@ cp for(node = connection_tree->head; node; node = node->next) { cl = (connection_t *)node->data; - if(cl->status.active && cl->status.meta) + if(cl->status.active) { if(cl->last_ping_time + timeout < now) { @@ -1300,13 +1297,12 @@ cp if(p->status.remove) return; - if(p->status.meta) - if(FD_ISSET(p->meta_socket, f)) - if(receive_meta(p) < 0) - { - terminate_connection(p); - return; - } + if(FD_ISSET(p->meta_socket, f)) + if(receive_meta(p) < 0) + { + terminate_connection(p); + return; + } } if(FD_ISSET(myself->meta_socket, f)) @@ -1378,7 +1374,7 @@ cp tv.tv_sec = timeout; tv.tv_usec = 0; - prune_connection_tree(); + prune_flush(); build_fdset(&fset); if((r = select(FD_SETSIZE, &fset, NULL, NULL, &tv)) < 0) @@ -1427,7 +1423,7 @@ cp if(debug_lvl >= DEBUG_STATUS) syslog(LOG_INFO, _("Regenerating symmetric key")); - RAND_bytes(myself->cipher_pktkey, myself->cipher_pktkeylength); + RAND_pseudo_bytes(myself->cipher_pktkey, myself->cipher_pktkeylength); send_key_changed(myself, NULL); keyexpires = time(NULL) + keylifetime; }