X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=72d7bfbd3dc123197b180f93de2ce132746f741b;hp=0eb5ef38e8de6ff9c9f9bbbd73c705a4c8f7af89;hb=b3681ebf6c255daf082ed254282cbf493af8fa93;hpb=e7f22d2f5f0a5fcd52da7512ab734b0ba52c623f diff --git a/src/net.c b/src/net.c index 0eb5ef38..72d7bfbd 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.34 2000/05/30 12:38:15 zarq Exp $ + $Id: net.c,v 1.35.4.6 2000/06/26 17:20:58 guus Exp $ */ #include "config.h" @@ -247,7 +247,7 @@ void flush_queues(conn_list_t *cl) cp if(cl->sq) { - if(debug_lvl > 1) + if(debug_lvl > 3) syslog(LOG_DEBUG, _("Flushing send queue for " IP_ADDR_S), IP_ADDR_V(cl->vpn_ip)); flush_queue(cl, &(cl->sq), xsend); @@ -255,7 +255,7 @@ cp if(cl->rq) { - if(debug_lvl > 1) + if(debug_lvl > 3) syslog(LOG_DEBUG, _("Flushing receive queue for " IP_ADDR_S), IP_ADDR_V(cl->vpn_ip)); flush_queue(cl, &(cl->rq), xrecv); @@ -272,20 +272,67 @@ int send_packet(ip_t to, vpn_packet_t *packet) cp if((cl = lookup_conn(to)) == NULL) { - if(debug_lvl > 2) + if(debug_lvl > 3) { - syslog(LOG_NOTICE, _("trying to look up " IP_ADDR_S " in connection list failed."), + syslog(LOG_NOTICE, _("Trying to look up " IP_ADDR_S " in connection list failed!"), IP_ADDR_V(to)); } + + /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */ + + return -1; + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); if(!cl) { /* No open outgoing connection has been found. */ - if(debug_lvl > 2) - syslog(LOG_NOTICE, _("There is no remote host I can send this packet to.")); + if(debug_lvl > 3) + syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!")); return -1; } } + /* If we ourselves have indirectdata flag set, we should send only to our uplink! */ + + if(myself->flags & EXPORTINDIRECTDATA) + { + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); + if(!cl) + { /* No open outgoing connection has been found. */ + if(debug_lvl > 3) + syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!")); + return -1; + } + } + else + + /* If indirectdata flag is set for the destination we just looked up, + * then real_ip is actually the vpn_ip of the gateway tincd + * it is behind. + */ + + if(cl->flags & INDIRECTDATA) + { + if((cl = lookup_conn(cl->vpn_ip)) == NULL) + { + if(debug_lvl > 3) + { + syslog(LOG_NOTICE, _("Indirect look up " IP_ADDR_S " in connection list failed!"), + IP_ADDR_V(to)); + } + + /* Gateway tincd dead? Should we kill it? (GS) */ + + return -1; + } + if(cl->flags & INDIRECTDATA) /* This should not happen */ + if(debug_lvl > 3) + { + syslog(LOG_NOTICE, _("double indirection for " IP_ADDR_S), + IP_ADDR_V(to)); + } + return -1; + } + if(my_key_expiry <= time(NULL)) regenerate_keys(); @@ -304,8 +351,8 @@ cp if(!cl->status.active) { add_queue(&(cl->sq), packet, packet->len + 2); - if(debug_lvl > 1) - syslog(LOG_INFO, _(IP_ADDR_S " is not ready, queueing packet."), IP_ADDR_V(cl->vpn_ip)); + if(debug_lvl > 3) + syslog(LOG_INFO, _(IP_ADDR_S " is not ready, queueing packet"), IP_ADDR_V(cl->vpn_ip)); return 0; /* We don't want to mess up, do we? */ } @@ -469,9 +516,8 @@ cp return -1; } - cl->hostname = hostlookup(htonl(cl->real_ip)); - - syslog(LOG_INFO, _("Connected to %s:%hd"), cl->hostname, cl->port); + syslog(LOG_INFO, _("Connected to " IP_ADDR_S ":%hd"), + IP_ADDR_V(cl->real_ip), cl->port); cp return 0; } @@ -489,10 +535,11 @@ int setup_outgoing_connection(ip_t ip) cp ncn = new_conn_list(); ncn->real_ip = ip; - + ncn->hostname = hostlookup(htonl(ip)); + if(setup_outgoing_meta_socket(ncn) < 0) { - syslog(LOG_ERR, _("Could not set up a meta connection.")); + syslog(LOG_ERR, _("Could not set up a meta connection!")); free_conn_element(ncn); return -1; } @@ -521,13 +568,19 @@ cp } myself->vpn_ip = cfg->data.ip->ip; + myself->hostname = hostlookup(htonl(myself->vpn_ip)); myself->vpn_mask = cfg->data.ip->mask; + myself->flags = 0; if(!(cfg = get_config_val(listenport))) myself->port = 655; else myself->port = cfg->data.val; + if(cfg = get_config_val(indirectdata)) + if(cfg->data.val) + myself->flags |= EXPORTINDIRECTDATA; + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket")); @@ -543,7 +596,7 @@ cp myself->status.active = 1; - syslog(LOG_NOTICE, _("Ready: listening on port %d."), myself->port); + syslog(LOG_NOTICE, _("Ready: listening on port %d"), myself->port); cp return 0; } @@ -566,7 +619,7 @@ cp if(seconds_till_retry>300) /* Don't wait more than 5 minutes. */ seconds_till_retry = 300; alarm(seconds_till_retry); - syslog(LOG_ERR, _("Still failed to connect to other. Will retry in %d seconds."), + syslog(LOG_ERR, _("Still failed to connect to other, will retry in %d seconds"), seconds_till_retry); } cp @@ -599,7 +652,7 @@ cp signal(SIGALRM, sigalrm_handler); seconds_till_retry = 300; alarm(seconds_till_retry); - syslog(LOG_NOTICE, _("Try to re-establish outgoing connection in 5 minutes.")); + syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in 5 minutes")); } cp return 0; @@ -637,7 +690,7 @@ cp close(tap_fd); destroy_conn_list(); - syslog(LOG_NOTICE, _("Terminating.")); + syslog(LOG_NOTICE, _("Terminating")); cp return; } @@ -650,7 +703,7 @@ int setup_vpn_connection(conn_list_t *cl) int nfd, flags; struct sockaddr_in a; cp - if(debug_lvl > 1) + if(debug_lvl > 0) syslog(LOG_DEBUG, _("Opening UDP socket to " IP_ADDR_S), IP_ADDR_V(cl->real_ip)); nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); @@ -702,15 +755,16 @@ cp return NULL; } - p->hostname = hostlookup(ci.sin_addr.s_addr); p->real_ip = ntohl(ci.sin_addr.s_addr); + p->hostname = hostlookup(ci.sin_addr.s_addr); p->meta_socket = sfd; p->status.meta = 1; p->buflen = 0; p->last_ping_time = time(NULL); p->want_ping = 0; - syslog(LOG_NOTICE, _("Connection from %s:%d"), p->hostname, htons(ci.sin_port)); + syslog(LOG_NOTICE, _("Connection from %s port %d"), + p->hostname, htons(ci.sin_port)); if(send_basic_info(p) < 0) { @@ -822,7 +876,8 @@ cp return; if(debug_lvl > 0) - syslog(LOG_NOTICE, _("Closing connection with %s."), cl->hostname); + syslog(LOG_NOTICE, _("Closing connection with " IP_ADDR_S " (%s)"), + IP_ADDR_V(cl->vpn_ip), cl->hostname); if(cl->status.timeout) send_timeout(cl); @@ -838,7 +893,7 @@ cp signal(SIGALRM, sigalrm_handler); seconds_till_retry = 5; alarm(seconds_till_retry); - syslog(LOG_NOTICE, _("Try to re-establish outgoing connection in 5 seconds.")); + syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in 5 seconds")); } cl->status.active = 0; @@ -848,24 +903,21 @@ cp /* Find all connections that were lost because they were behind cl (the connection that was dropped). */ for(p = conn_list; p != NULL; p = p->next) - { - if(p->nexthop == cl) - { - p->status.active = 0; - p->status.remove = 1; - } - } + if(p->nexthop == cl) + { + p->status.active = 0; + p->status.remove = 1; + } cp /* Then send a notification about all these connections to all hosts that are still connected to us. */ for(p = conn_list; p != NULL; p = p->next) - { - if(!p->status.remove && p->status.meta) - for(q = conn_list; q != NULL; q = q->next) - if(q->status.remove) - send_del_host(p, q); - } + if(!p->status.remove && p->status.meta) + for(q = conn_list; q != NULL; q = q->next) + if(q->status.remove) + send_del_host(p, q); + cp } @@ -893,8 +945,9 @@ cp { if(p->status.pinged && !p->status.got_pong) { - syslog(LOG_INFO, _("%s (" IP_ADDR_S ") didn't respond to ping"), - p->hostname, IP_ADDR_V(p->vpn_ip)); + if(debug_lvl > 1) + syslog(LOG_INFO, _(IP_ADDR_S " (%s) didn't respond to ping"), + IP_ADDR_V(p->vpn_ip), p->hostname); p->status.timeout = 1; terminate_connection(p); } @@ -932,7 +985,7 @@ cp { shutdown(nfd, 2); close(nfd); - syslog(LOG_NOTICE, _("Closed attempted connection.")); + syslog(LOG_NOTICE, _("Closed attempted connection")); return 0; } @@ -965,7 +1018,7 @@ cp if(cl->buflen >= MAXBUFSIZE) { - syslog(LOG_ERR, _("Metadata read buffer overflow.")); + syslog(LOG_ERR, _("Metadata read buffer overflow!")); return -1; } @@ -996,26 +1049,29 @@ cp if(cl->reqlen) { + if(debug_lvl > 2) + syslog(LOG_DEBUG, _("Got request from " IP_ADDR_S " (%s): %s"), + IP_ADDR_V(cl->vpn_ip), cl->hostname, cl->buffer); if(sscanf(cl->buffer, "%d", &request) == 1) { if((request < 0) || (request > 255) || (request_handlers[request] == NULL)) { - syslog(LOG_ERR, _("Unknown request: %s"), cl->buffer); + syslog(LOG_ERR, _("Unknown request from " IP_ADDR_S " (%s)"), + IP_ADDR_V(cl->vpn_ip), cl->hostname); return -1; } - if(debug_lvl > 3) - syslog(LOG_DEBUG, _("Got request: %s"), cl->buffer); - if(request_handlers[request](cl)) /* Something went wrong. Probably scriptkiddies. Terminate. */ { - syslog(LOG_ERR, _("Error while processing request from " IP_ADDR_S), IP_ADDR_V(cl->real_ip)); + syslog(LOG_ERR, _("Error while processing request from " IP_ADDR_S " (%s)"), + IP_ADDR_V(cl->vpn_ip), cl->hostname); return -1; } } else { - syslog(LOG_ERR, _("Bogus data received.")); + syslog(LOG_ERR, _("Bogus data received from " IP_ADDR_S " (%s)"), + IP_ADDR_V(cl->vpn_ip), cl->hostname); return -1; } @@ -1103,7 +1159,7 @@ cp ether_type = ntohs(*((unsigned short*)(&vp.data[12]))); if(ether_type != 0x0800) { - if(debug_lvl > 0) + if(debug_lvl > 3) syslog(LOG_INFO, _("Non-IP ethernet frame %04x from " MAC_ADDR_S), ether_type, MAC_ADDR_V(vp.data[6])); return; @@ -1111,7 +1167,7 @@ cp if(lenin < 32) { - if(debug_lvl > 0) + if(debug_lvl > 3) syslog(LOG_INFO, _("Dropping short packet")); return; } @@ -1122,7 +1178,7 @@ cp if(debug_lvl > 3) syslog(LOG_DEBUG, _("An IP packet (%04x) for " IP_ADDR_S " from " IP_ADDR_S), ether_type, IP_ADDR_V(to), IP_ADDR_V(from)); - if(debug_lvl > 4) + if(debug_lvl > 3) syslog(LOG_DEBUG, _(MAC_ADDR_S " to " MAC_ADDR_S), MAC_ADDR_V(vp.data[0]), MAC_ADDR_V(vp.data[6]));