X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=94a665139365d7b8564b1e5334f60a857d3dc572;hp=66496cc6198a6520140c64d87faf47c89343a4a1;hb=3c54a513b0c0a3acac60e03403ab4abfa0688c62;hpb=a822c7466aa91a819c498336f91c63d224c3af11 diff --git a/src/net.c b/src/net.c index 66496cc6..94a66513 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.31 2000/05/29 22:20:04 zarq Exp $ + $Id: net.c,v 1.35.4.2 2000/06/24 12:35:42 guus Exp $ */ #include "config.h" @@ -277,6 +277,11 @@ cp syslog(LOG_NOTICE, _("trying to look up " IP_ADDR_S " in connection list failed."), IP_ADDR_V(to)); } + + /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */ + + return -1; + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); if(!cl) { /* No open outgoing connection has been found. */ @@ -286,6 +291,48 @@ cp } } + /* If we ourselves have indirectdata flag set, we should send only to our uplink! */ + + if(myself->flags & EXPORTINDIRECTDATA) + { + for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next); + if(!cl) + { /* No open outgoing connection has been found. */ + if(debug_lvl > 2) + syslog(LOG_NOTICE, _("There is no remote host I can send this packet to.")); + return -1; + } + } + else + + /* If indirectdata flag is set for the destination we just looked up, + * then real_ip is actually the vpn_ip of the gateway tincd + * it is behind. + */ + + if(cl->flags & INDIRECTDATA) + { + if((cl = lookup_conn(cl->vpn_ip)) == NULL) + { + if(debug_lvl > 2) + { + syslog(LOG_NOTICE, _("indirect look up " IP_ADDR_S " in connection list failed."), + IP_ADDR_V(to)); + } + + /* Gateway tincd dead? Should we kill it? (GS) */ + + return -1; + } + if(cl->flags & INDIRECTDATA) /* This should not happen */ + if(debug_lvl > 1) + { + syslog(LOG_NOTICE, _("double indirection for " IP_ADDR_S), + IP_ADDR_V(to)); + } + return -1; + } + if(my_key_expiry <= time(NULL)) regenerate_keys(); @@ -522,12 +569,17 @@ cp myself->vpn_ip = cfg->data.ip->ip; myself->vpn_mask = cfg->data.ip->mask; + myself->flags = 0; if(!(cfg = get_config_val(listenport))) myself->port = 655; else myself->port = cfg->data.val; + if(cfg = get_config_val(indirectdata)) + if(cfg->data.val) + myself->flags |= EXPORTINDIRECTDATA; + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket")); @@ -815,6 +867,8 @@ cp */ void terminate_connection(conn_list_t *cl) { + conn_list_t *p, *q; + cp if(cl->status.remove) return; @@ -841,6 +895,26 @@ cp cl->status.active = 0; cl->status.remove = 1; + +cp + /* Find all connections that were lost because they were behind cl + (the connection that was dropped). */ + for(p = conn_list; p != NULL; p = p->next) + if(p->nexthop == cl) + { + p->status.active = 0; + p->status.remove = 1; + } + +cp + /* Then send a notification about all these connections to all hosts + that are still connected to us. */ + for(p = conn_list; p != NULL; p = p->next) + if(!p->status.remove && p->status.meta) + for(q = conn_list; q != NULL; q = q->next) + if(q->status.remove) + send_del_host(p, q); + cp } @@ -973,7 +1047,7 @@ cp { if(sscanf(cl->buffer, "%d", &request) == 1) { - if((request < 0 || request > 255) || request_handlers[request] == NULL) + if((request < 0) || (request > 255) || (request_handlers[request] == NULL)) { syslog(LOG_ERR, _("Unknown request: %s"), cl->buffer); return -1;