X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_subnet.c;h=62656c38302e8587ab10dfb4cb1f36e24ad2239e;hp=d40b3a33afe255f02439953769ec8a71fbe51342;hb=3bd810ea79d6933839ddac4a2cf1445c51947d38;hpb=a8a65cee083a27afe42cab360596e1453e7141b9 diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c index d40b3a33..62656c38 100644 --- a/src/protocol_subnet.c +++ b/src/protocol_subnet.c @@ -2,6 +2,7 @@ protocol_subnet.c -- handle the meta-protocol, subnets Copyright (C) 1999-2005 Ivo Timmermans, 2000-2009 Guus Sliepen + 2009 Michael Tokarev This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -13,11 +14,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - $Id$ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ #include "system.h" @@ -33,29 +32,23 @@ #include "utils.h" #include "xalloc.h" -bool send_add_subnet(connection_t *c, const subnet_t *subnet) -{ +bool send_add_subnet(connection_t *c, const subnet_t *subnet) { char netstr[MAXNETSTR]; - cp(); - if(!net2str(netstr, sizeof netstr, subnet)) return false; - return send_request(c, "%d %lx %s %s", ADD_SUBNET, random(), subnet->owner->name, netstr); + return send_request(c, "%d %x %s %s", ADD_SUBNET, rand(), subnet->owner->name, netstr); } -bool add_subnet_h(connection_t *c) -{ +bool add_subnet_h(connection_t *c) { char subnetstr[MAX_STRING_SIZE]; char name[MAX_STRING_SIZE]; node_t *owner; - subnet_t s = {0}, *new; - - cp(); + subnet_t s = {NULL}, *new, *old; if(sscanf(c->buffer, "%*d %*x " MAX_STRING " " MAX_STRING, name, subnetstr) != 2) { - logger(LOG_ERR, _("Got bad %s from %s (%s)"), "ADD_SUBNET", c->name, + logger(LOG_ERR, "Got bad %s from %s (%s)", "ADD_SUBNET", c->name, c->hostname); return false; } @@ -63,16 +56,16 @@ bool add_subnet_h(connection_t *c) /* Check if owner name is valid */ if(!check_id(name)) { - logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name, - c->hostname, _("invalid name")); + logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ADD_SUBNET", c->name, + c->hostname, "invalid name"); return false; } /* Check if subnet string is valid */ if(!str2net(&s, subnetstr)) { - logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name, - c->hostname, _("invalid subnet string")); + logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ADD_SUBNET", c->name, + c->hostname, "invalid subnet string"); return false; } @@ -85,7 +78,7 @@ bool add_subnet_h(connection_t *c) if(tunnelserver && owner != myself && owner != c->node) { /* in case of tunnelserver, ignore indirect subnet registrations */ - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Ignoring indirect %s from %s (%s) for %s", "ADD_SUBNET", c->name, c->hostname, subnetstr); return true; } @@ -104,36 +97,28 @@ bool add_subnet_h(connection_t *c) /* If we don't know this subnet, but we are the owner, retaliate with a DEL_SUBNET */ if(owner == myself) { - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for ourself"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself", "ADD_SUBNET", c->name, c->hostname); s.owner = myself; send_del_subnet(c, &s); return true; } - /* In tunnel server mode, check if the subnet matches one in the config file of this node */ + /* In tunnel server mode, we should already know all allowed subnets */ if(tunnelserver) { - config_t *cfg; - subnet_t *allowed; - - for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) { - if(!get_config_subnet(cfg, &allowed)) - return false; - - if(!subnet_compare(&s, allowed)) - break; + logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s", + "ADD_SUBNET", c->name, c->hostname, subnetstr); + return true; + } - free_subnet(allowed); - } + /* Ignore if strictsubnets is true, but forward it to others */ - if(!cfg) { - logger(LOG_WARNING, _("Unauthorized %s from %s (%s) for %s"), + if(strictsubnets) { + logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s", "ADD_SUBNET", c->name, c->hostname, subnetstr); - return false; - } - - free_subnet(allowed); + forward_request(c); + return true; } /* If everything is correct, add the subnet to the list of the owner */ @@ -146,35 +131,33 @@ bool add_subnet_h(connection_t *c) /* Tell the rest */ - if(!tunnelserver) - forward_request(c); + forward_request(c); + + /* Fast handoff of roaming MAC addresses */ + + if(s.type == SUBNET_MAC && owner != myself && (old = lookup_subnet(myself, &s)) && old->expires) + old->expires = now; return true; } -bool send_del_subnet(connection_t *c, const subnet_t *s) -{ +bool send_del_subnet(connection_t *c, const subnet_t *s) { char netstr[MAXNETSTR]; - cp(); - if(!net2str(netstr, sizeof netstr, s)) return false; - return send_request(c, "%d %lx %s %s", DEL_SUBNET, random(), s->owner->name, netstr); + return send_request(c, "%d %x %s %s", DEL_SUBNET, rand(), s->owner->name, netstr); } -bool del_subnet_h(connection_t *c) -{ +bool del_subnet_h(connection_t *c) { char subnetstr[MAX_STRING_SIZE]; char name[MAX_STRING_SIZE]; node_t *owner; - subnet_t s = {0}, *find; - - cp(); + subnet_t s = {NULL}, *find; if(sscanf(c->buffer, "%*d %*x " MAX_STRING " " MAX_STRING, name, subnetstr) != 2) { - logger(LOG_ERR, _("Got bad %s from %s (%s)"), "DEL_SUBNET", c->name, + logger(LOG_ERR, "Got bad %s from %s (%s)", "DEL_SUBNET", c->name, c->hostname); return false; } @@ -182,16 +165,16 @@ bool del_subnet_h(connection_t *c) /* Check if owner name is valid */ if(!check_id(name)) { - logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name, - c->hostname, _("invalid name")); + logger(LOG_ERR, "Got bad %s from %s (%s): %s", "DEL_SUBNET", c->name, + c->hostname, "invalid name"); return false; } /* Check if subnet string is valid */ if(!str2net(&s, subnetstr)) { - logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name, - c->hostname, _("invalid subnet string")); + logger(LOG_ERR, "Got bad %s from %s (%s): %s", "DEL_SUBNET", c->name, + c->hostname, "invalid subnet string"); return false; } @@ -204,13 +187,13 @@ bool del_subnet_h(connection_t *c) if(tunnelserver && owner != myself && owner != c->node) { /* in case of tunnelserver, ignore indirect subnet deletion */ - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Ignoring indirect %s from %s (%s) for %s", "DEL_SUBNET", c->name, c->hostname, subnetstr); return true; } if(!owner) { - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which is not in our node tree", "DEL_SUBNET", c->name, c->hostname, name); return true; } @@ -222,24 +205,30 @@ bool del_subnet_h(connection_t *c) find = lookup_subnet(owner, &s); if(!find) { - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which does not appear in his subnet tree"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which does not appear in his subnet tree", "DEL_SUBNET", c->name, c->hostname, name); + if(strictsubnets) + forward_request(c); return true; } /* If we are the owner of this subnet, retaliate with an ADD_SUBNET */ if(owner == myself) { - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for ourself"), + ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself", "DEL_SUBNET", c->name, c->hostname); send_add_subnet(c, find); return true; } + if(tunnelserver) + return true; + /* Tell the rest */ - if(!tunnelserver) - forward_request(c); + forward_request(c); + if(strictsubnets) + return true; /* Finally, delete it. */