X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=4bac3f0b0d637498f68b2f0ba84c1d7cae422f2f;hp=b28413564ddc0b3a7ad3bade8dad1bc9b3b774c8;hb=1728d5b2c43b33700a9997f97fe8503ad1cf3585;hpb=9bab08e972ae0ca4b904a659d9aed46aaa9b5dd5 diff --git a/src/net_setup.c b/src/net_setup.c index b2841356..4bac3f0b 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -1,7 +1,7 @@ /* net_setup.c -- Setup. - Copyright (C) 1998-2003 Ivo Timmermans , - 2000-2003 Guus Sliepen + Copyright (C) 1998-2005 Ivo Timmermans, + 2000-2006 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_setup.c,v 1.1.2.49 2003/12/20 21:09:33 guus Exp $ + $Id$ */ #include "system.h" @@ -150,17 +150,23 @@ bool read_rsa_public_key(connection_t *c) bool read_rsa_private_key(void) { FILE *fp; - char *fname, *key; + char *fname, *key, *pubkey; struct stat s; cp(); if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) { + if(!get_config_string(lookup_config(myself->connection->config_tree, "PublicKey"), &pubkey)) { + logger(LOG_ERR, _("PrivateKey used but no PublicKey found!")); + return false; + } myself->connection->rsa_key = RSA_new(); // RSA_blinding_on(myself->connection->rsa_key, NULL); BN_hex2bn(&myself->connection->rsa_key->d, key); + BN_hex2bn(&myself->connection->rsa_key->n, pubkey); BN_hex2bn(&myself->connection->rsa_key->e, "FFFF"); free(key); + free(pubkey); return true; } @@ -242,19 +248,15 @@ bool setup_myself(void) myself->name = name; myself->connection->name = xstrdup(name); - if(!read_rsa_private_key()) - return false; - if(!read_connection_config(myself->connection)) { logger(LOG_ERR, _("Cannot open host configuration file for myself!")); return false; } - if(!read_rsa_public_key(myself->connection)) + if(!read_rsa_private_key()) return false; - if(!get_config_string - (lookup_config(myself->connection->config_tree, "Port"), &myport)) + if(!get_config_string(lookup_config(myself->connection->config_tree, "Port"), &myport)) asprintf(&myport, "655"); /* Read in all the subnets specified in the host configuration file */ @@ -285,7 +287,7 @@ bool setup_myself(void) myself->options |= OPTION_TCPONLY; if(get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) && choice) - myself->options |= OPTION_DONTFRAGMENT; + myself->options |= OPTION_PMTU_DISCOVERY; if(myself->options & OPTION_TCPONLY) myself->options |= OPTION_INDIRECT; @@ -366,7 +368,7 @@ bool setup_myself(void) myself->connection->outcipher = EVP_bf_ofb(); myself->key = xmalloc(myself->keylength); - RAND_pseudo_bytes(myself->key, myself->keylength); + RAND_pseudo_bytes((unsigned char *)myself->key, myself->keylength); if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime)) keylifetime = 3600; @@ -375,7 +377,7 @@ bool setup_myself(void) if(myself->cipher) { EVP_CIPHER_CTX_init(&packet_ctx); - if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len)) { + if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, (unsigned char *)myself->key, (unsigned char *)myself->key + myself->cipher->key_len)) { logger(LOG_ERR, _("Error during initialisation of cipher for %s (%s): %s"), myself->name, myself->hostname, ERR_error_string(ERR_get_error(), NULL)); return false; @@ -435,7 +437,6 @@ bool setup_myself(void) myself->nexthop = myself; myself->via = myself; - myself->status.active = true; myself->status.reachable = true; node_add(myself); @@ -458,6 +459,10 @@ bool setup_myself(void) for(i = 0; i < 5; i++) free(envp[i]); + /* Run subnet-up scripts for our own subnets */ + + subnet_update(myself, NULL, true); + /* Open sockets */ get_config_string(lookup_config(config_tree, "BindToAddress"), &address); @@ -496,7 +501,7 @@ bool setup_myself(void) free(hostname); } - listen_socket[listen_sockets].sa.sa = *aip->ai_addr; + memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen); listen_sockets++; } @@ -528,12 +533,20 @@ bool setup_network_connections(void) init_events(); init_requests(); - if(get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout)) { - if(pingtimeout < 1) { - pingtimeout = 86400; + if(get_config_int(lookup_config(config_tree, "PingInterval"), &pinginterval)) { + if(pinginterval < 1) { + pinginterval = 86400; } } else - pingtimeout = 60; + pinginterval = 60; + + if(!get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout)) + pingtimeout = 5; + if(pingtimeout < 1 || pingtimeout > pinginterval) + pingtimeout = pinginterval; + + if(!get_config_int(lookup_config(config_tree, "MaxOutputBufferSize"), &maxoutbufsize)) + maxoutbufsize = 4 * MTU; if(!setup_myself()) return false; @@ -564,14 +577,22 @@ void close_network_connections(void) terminate_connection(c, false); } - if(myself && myself->connection) + if(myself && myself->connection) { + subnet_update(myself, NULL, false); terminate_connection(myself->connection, false); + } for(i = 0; i < listen_sockets; i++) { close(listen_socket[i].tcp); close(listen_socket[i].udp); } + asprintf(&envp[0], "NETNAME=%s", netname ? : ""); + asprintf(&envp[1], "DEVICE=%s", device ? : ""); + asprintf(&envp[2], "INTERFACE=%s", iface ? : ""); + asprintf(&envp[3], "NAME=%s", myself->name); + envp[4] = NULL; + exit_requests(); exit_events(); exit_edges(); @@ -579,12 +600,6 @@ void close_network_connections(void) exit_nodes(); exit_connections(); - asprintf(&envp[0], "NETNAME=%s", netname ? : ""); - asprintf(&envp[1], "DEVICE=%s", device ? : ""); - asprintf(&envp[2], "INTERFACE=%s", iface ? : ""); - asprintf(&envp[3], "NAME=%s", myself->name); - envp[4] = NULL; - execute_script("tinc-down", envp); for(i = 0; i < 4; i++)