X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=94a665139365d7b8564b1e5334f60a857d3dc572;hp=34279824eda4c5dadf66f299e2369b928670fe04;hb=3c54a513b0c0a3acac60e03403ab4abfa0688c62;hpb=9fd02ffcb0cacf3de26e876de5f30510bff137a3 diff --git a/src/net.c b/src/net.c index 34279824..94a66513 100644 --- a/src/net.c +++ b/src/net.c @@ -1,6 +1,7 @@ /* net.c -- most of the network code - Copyright (C) 1998,1999,2000 Ivo Timmermans + Copyright (C) 1998,1999,2000 Ivo Timmermans , + 2000 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -15,6 +16,8 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + $Id: net.c,v 1.35.4.2 2000/06/24 12:35:42 guus Exp $ */ #include "config.h" @@ -274,6 +277,11 @@ cp syslog(LOG_NOTICE, _("trying to look up " IP_ADDR_S " in connection list failed."), IP_ADDR_V(to)); } + + /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */ + + return -1; + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); if(!cl) { /* No open outgoing connection has been found. */ 
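Review bot: The unconditional `return -1;` added in the failed-lookup branch makes the uplink search right after it, `for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);` and its `if(!cl)` block, unreachable. If dropping packets for an unknown destination is the intended behaviour, remove that dead fallback in the same change rather than leaving it behind the return. If the question in the new comment is still open, keep the fallback and do not add the return yet. The enclosing function starts and ends outside the hunk, so how callers treat the new -1 is not visible here.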
@@ -283,6 +291,48 @@ cp } } + /* If we ourselves have indirectdata flag set, we should send only to our uplink! */ + + if(myself->flags & EXPORTINDIRECTDATA) + { + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); + if(!cl) + { /* No open outgoing connection has been found. */ + if(debug_lvl > 2) + syslog(LOG_NOTICE, _("There is no remote host I can send this packet to.")); + return -1; + } + } + else + + /* If indirectdata flag is set for the destination we just looked up, + * then real_ip is actually the vpn_ip of the gateway tincd + * it is behind. + */ + + if(cl->flags & INDIRECTDATA) + { + if((cl = lookup_conn(cl->vpn_ip)) == NULL) + { + if(debug_lvl > 2) + { + syslog(LOG_NOTICE, _("indirect look up " IP_ADDR_S " in connection list failed."), + IP_ADDR_V(to)); + } + + /* Gateway tincd dead? Should we kill it? (GS) */ + + return -1; + } + if(cl->flags & INDIRECTDATA) /* This should not happen */ + if(debug_lvl > 1) + { + syslog(LOG_NOTICE, _("double indirection for " IP_ADDR_S), + IP_ADDR_V(to)); + } + return -1; + } + if(my_key_expiry <= time(NULL)) regenerate_keys(); @@ -519,12 +569,17 @@ cp myself->vpn_ip = cfg->data.ip->ip; myself->vpn_mask = cfg->data.ip->mask; + myself->flags = 0; if(!(cfg = get_config_val(listenport))) myself->port = 655; else myself->port = cfg->data.val; + if(cfg = get_config_val(indirectdata)) + if(cfg->data.val) + myself->flags |= EXPORTINDIRECTDATA; + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket")); @@ -812,6 +867,8 @@ cp */ void terminate_connection(conn_list_t *cl) { + conn_list_t *p, *q; + cp if(cl->status.remove) return; 
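Review bot: In the `if(cl->flags & INDIRECTDATA)` block, the final `return -1;` is not covered by the unbraced "double indirection" check, so it runs after every successful gateway lookup and each packet for an indirect destination is dropped. The original indentation is lost in this view, but the braces as written put the return outside both inner `if`s. Brace the check so that the return belongs to it: `if(cl->flags & INDIRECTDATA) { if(debug_lvl > 1) syslog(...); return -1; }`. The bare `else` separated from its `if` by a blank line and a comment is also easy to misread, so bracing the `else` branch would help. The enclosing function starts and ends outside the hunk.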
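Review bot: The new `if(cfg = get_config_val(indirectdata))` assigns inside the condition without the extra parentheses used by the neighbouring `if(!(cfg = get_config_val(listenport)))`, which reads like a mistyped `==` and triggers compiler warnings. Write it as `if((cfg = get_config_val(indirectdata)) != NULL)` and brace the nested `if(cfg->data.val)`. A short comment on what EXPORTINDIRECTDATA means for peers would also help, since it changes where all outgoing packets are sent. The enclosing function starts and ends outside the hunk.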
@@ -838,6 +895,26 @@ cp cl->status.active = 0; cl->status.remove = 1; + +cp + /* Find all connections that were lost because they were behind cl + (the connection that was dropped). */ + for(p = conn_list; p != NULL; p = p->next) + if(p->nexthop == cl) + { + p->status.active = 0; + p->status.remove = 1; + } + +cp + /* Then send a notification about all these connections to all hosts + that are still connected to us. */ + for(p = conn_list; p != NULL; p = p->next) + if(!p->status.remove && p->status.meta) + for(q = conn_list; q != NULL; q = q->next) + if(q->status.remove) + send_del_host(p, q); + cp } @@ -970,7 +1047,7 @@ cp { if(sscanf(cl->buffer, "%d", &request) == 1) { - if(request_handlers[request] == NULL) + if((request < 0) || (request > 255) || (request_handlers[request] == NULL)) { syslog(LOG_ERR, _("Unknown request: %s"), cl->buffer); return -1;
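Review bot: The notification loop in terminate_connection selects on `q->status.remove`, which matches every entry flagged for removal in conn_list, not just the ones dropped by this call. If an earlier termination left entries flagged but not yet reaped (the cleanup is not visible here), those hosts get announced again via send_del_host. Restricting the inner test to this call's victims, e.g. `if(q == cl || q->nexthop == cl)`, would avoid that. The first loop only marks direct children (`p->nexthop == cl`), so hosts more than one hop behind cl would stay active; a comment saying whether nexthop chains can be deeper than one would settle it. The function's start lies outside this hunk.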
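Review bot: The new range check on `request` hard-codes 255, so it only prevents an out-of-bounds read of `request_handlers` if that table really has 256 entries; its declaration is not visible in this hunk. Since `request` is parsed from peer-supplied `cl->buffer`, tie the bound to the table itself, e.g. `request >= (int)(sizeof request_handlers / sizeof request_handlers[0])` if the array definition is in scope, or a shared named constant otherwise. A one-line comment that the value is untrusted network input would explain why the check exists. The enclosing function starts and ends outside the hunk.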