X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=4a369ff737e7b5eec4163b6a27d154de55d97f10;hp=074c271d807ac5550fd0a3449d5f55d0e44cecec;hb=9de5787574b21e94c80ddc60def2b3e514aff755;hpb=d646f4e094b63720f97bfd37bb3489bd9d6231a0 diff --git a/src/net.c b/src/net.c index 074c271d..4a369ff7 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.93 2001/01/11 11:19:08 guus Exp $ + $Id: net.c,v 1.35.4.95 2001/02/25 16:04:00 guus Exp $ */ #include "config.h" @@ -202,6 +202,7 @@ int send_packet(ip_t to, vpn_packet_t *packet) { connection_t *cl; subnet_t *subnet; + vpn_packet_t *copy; cp if((subnet = lookup_subnet_ipv4(&to)) == NULL) { @@ -242,7 +243,13 @@ cp syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"), cl->name, cl->hostname); - list_insert_tail(cl->queue, packet); + /* Since packet is on the stack of handle_tap_input(), + we have to make a copy of it first. */ + + copy = xmalloc(sizeof(vpn_packet_t)); + memcpy(copy, packet, sizeof(vpn_packet_t)); + + list_insert_tail(cl->queue, copy); if(!cl->status.waitingforkey) send_req_key(myself, cl); /* Keys should be sent to the host running the tincd */ @@ -260,7 +267,7 @@ cp void flush_queue(connection_t *cl) { list_node_t *node, *next; - +cp if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_INFO, _("Flushing queue for %s (%s)"), cl->name, cl->hostname); @@ -270,6 +277,7 @@ void flush_queue(connection_t *cl) xsend(cl, (vpn_packet_t *)node->data); list_delete_node(cl->queue, node); } +cp } /* @@ -610,17 +618,24 @@ int read_rsa_public_key(connection_t *cl) { config_t const *cfg; FILE *fp; + char *fname; void *result; cp if(!cl->rsa_key) cl->rsa_key = RSA_new(); + /* First, check for simple PublicKey statement */ + if((cfg = get_config_val(cl->config, config_publickey))) { BN_hex2bn(&cl->rsa_key->n, cfg->data.ptr); BN_hex2bn(&cl->rsa_key->e, "FFFF"); + return 0; } - else if((cfg = get_config_val(cl->config, config_publickeyfile))) + + /* Else, check for PublicKeyFile statement and read it */ + + if((cfg = get_config_val(cl->config, config_publickeyfile))) { if(is_safe_path(cfg->data.ptr)) { @@ -638,17 +653,31 @@ cp cfg->data.ptr); return -1; } + return 0; } else return -1; } - else + + /* Else, check if a harnessed public key is in the config file */ + + asprintf(&fname, "%s/hosts/%s", confbase, cl->name); + if((fp = fopen(fname, "r"))) { - syslog(LOG_ERR, _("No public key for %s specified!"), cl->name); - return -1; + result = PEM_read_RSAPublicKey(fp, &cl->rsa_key, NULL, NULL); + fclose(fp); + free(fname); + if(result) + return 0; } + + free(fname); + + /* Nothing worked. */ + + syslog(LOG_ERR, _("No public key for %s specified!"), cl->name); cp - return 0; + return -1; } int read_rsa_private_key(void)