X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=94a665139365d7b8564b1e5334f60a857d3dc572;hp=27586ec309b64f2f648c20e895566aacc27ee64f;hb=3c54a513b0c0a3acac60e03403ab4abfa0688c62;hpb=2fdda8e4fa6c6ace5f7e9421f0644a3ffec388c9 diff --git a/src/net.c b/src/net.c index 27586ec3..94a66513 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.33 2000/05/30 12:31:41 zarq Exp $ + $Id: net.c,v 1.35.4.2 2000/06/24 12:35:42 guus Exp $ */ #include "config.h" @@ -277,6 +277,11 @@ cp syslog(LOG_NOTICE, _("trying to look up " IP_ADDR_S " in connection list failed."), IP_ADDR_V(to)); } + + /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */ + + return -1; + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); if(!cl) { /* No open outgoing connection has been found. */ @@ -286,6 +291,48 @@ cp } } + /* If we ourselves have indirectdata flag set, we should send only to our uplink! */ + + if(myself->flags & EXPORTINDIRECTDATA) + { + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); + if(!cl) + { /* No open outgoing connection has been found. */ + if(debug_lvl > 2) + syslog(LOG_NOTICE, _("There is no remote host I can send this packet to.")); + return -1; + } + } + else + + /* If indirectdata flag is set for the destination we just looked up, + * then real_ip is actually the vpn_ip of the gateway tincd + * it is behind. + */ + + if(cl->flags & INDIRECTDATA) + { + if((cl = lookup_conn(cl->vpn_ip)) == NULL) + { + if(debug_lvl > 2) + { + syslog(LOG_NOTICE, _("indirect look up " IP_ADDR_S " in connection list failed."), + IP_ADDR_V(to)); + } + + /* Gateway tincd dead? Should we kill it? (GS) */ + + return -1; + } + if(cl->flags & INDIRECTDATA) /* This should not happen */ + if(debug_lvl > 1) + { + syslog(LOG_NOTICE, _("double indirection for " IP_ADDR_S), + IP_ADDR_V(to)); + } + return -1; + } + if(my_key_expiry <= time(NULL)) regenerate_keys(); @@ -522,12 +569,17 @@ cp myself->vpn_ip = cfg->data.ip->ip; myself->vpn_mask = cfg->data.ip->mask; + myself->flags = 0; if(!(cfg = get_config_val(listenport))) myself->port = 655; else myself->port = cfg->data.val; + if(cfg = get_config_val(indirectdata)) + if(cfg->data.val) + myself->flags |= EXPORTINDIRECTDATA; + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket")); @@ -848,24 +900,21 @@ cp /* Find all connections that were lost because they were behind cl (the connection that was dropped). */ for(p = conn_list; p != NULL; p = p->next) - { - if(p->nexthop == cl) - { - p->status.active = 0; - p->status.remove = 1; - } - } + if(p->nexthop == cl) + { + p->status.active = 0; + p->status.remove = 1; + } cp /* Then send a notification about all these connections to all hosts that are still connected to us. */ for(p = conn_list; p != NULL; p = p->next) - { - if(!p->status.remove) - for(q = conn_list; q != NULL; q = q->next) - if(q->status.remove) - send_del_host(p, q); - } + if(!p->status.remove && p->status.meta) + for(q = conn_list; q != NULL; q = q->next) + if(q->status.remove) + send_del_host(p, q); + cp }