- Added experimental hackish tunneling-over-TCP support.

  Just use TCPonly = true in the configuration file.

diff --git a/src/conf.c b/src/conf.c
index 9bc25a7..3b1eb49 100644 (file)
--- a/src/conf.c
+++ b/src/conf.c
@@ -19,7 +19,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: conf.c,v 1.9.4.6 2000/07/02 13:36:18 guus Exp $
+    $Id: conf.c,v 1.9.4.7 2000/08/07 14:52:14 guus Exp $
 */
 
 
@@ -71,6 +71,7 @@ static internal_config_t hazahaza[] = {
   { "VpnMask",      vpnmask,        TYPE_IP },
   { "Hostnames",    resolve_dns,    TYPE_BOOL },
   { "IndirectData", indirectdata,   TYPE_BOOL },
+  { "TCPonly",      tcponly,        TYPE_BOOL },
   { NULL, 0, 0 }
 };
 

diff --git a/src/conf.h b/src/conf.h
index 1d75859..9402090 100644 (file)
--- a/src/conf.h
+++ b/src/conf.h
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: conf.h,v 1.6.4.5 2000/06/30 11:45:14 guus Exp $
+    $Id: conf.h,v 1.6.4.6 2000/08/07 14:52:14 guus Exp $
 */
 
 #ifndef __TINC_CONF_H__
@@ -49,6 +49,7 @@ typedef enum which_t {
   vpnmask,
   resolve_dns,
   indirectdata,
+  tcponly,
 } which_t;
 
 typedef struct config_t {

diff --git a/src/net.c b/src/net.c
index dce4ae4..93be1cb 100644 (file)
--- a/src/net.c
+++ b/src/net.c
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: net.c,v 1.35.4.20 2000/07/02 13:40:57 guus Exp $
+    $Id: net.c,v 1.35.4.21 2000/08/07 14:52:15 guus Exp $
 */
 
 #include "config.h"
@@ -107,16 +107,19 @@ cp
     syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
            ntohs(rp.len), cl->vpn_hostname, cl->real_hostname);
 
+  total_socket_out += r;
+
+  cl->want_ping = 1;
+
+  if((cl->flags | myself->flags) & TCPONLY)
+      return send_tcppacket(cl, packet, ntohs(rp.len));
+
   if((r = send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0)
     {
       syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
              cl->vpn_hostname, cl->real_hostname);
       return -1;
     }
-
-  total_socket_out += r;
-
-  cl->want_ping = 1;
 cp
   return 0;
 }
@@ -606,6 +609,10 @@ cp
     if(cfg->data.val == stupid_true)
       myself->flags |= EXPORTINDIRECTDATA;
 
+  if(cfg = get_config_val(tcponly))
+    if(cfg->data.val == stupid_true)
+      myself->flags |= TCPONLY;
+
   if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
     {
       syslog(LOG_ERR, _("Unable to set up a listening socket"));

diff --git a/src/net.h b/src/net.h
index a74a9f9..40bc934 100644 (file)
--- a/src/net.h
+++ b/src/net.h
@@ -16,7 +16,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: net.h,v 1.9.4.6 2000/07/01 07:49:21 guus Exp $
+    $Id: net.h,v 1.9.4.7 2000/08/07 14:52:15 guus Exp $
 */
 
 #ifndef __TINC_NET_H__
@@ -50,6 +50,7 @@
 /* flags */
 #define INDIRECTDATA        0x0001 /* Used to indicate that this host has to be reached indirect */
 #define EXPORTINDIRECTDATA  0x0002 /* Used to indicate uplink that it has to tell others to do INDIRECTDATA */
+#define TCPONLY             0x0004 /* Tells sender to send packets over TCP instead of UDP (for firewalls) */
 
 typedef unsigned long ip_t;
 typedef short length_t;

diff --git a/src/protocol.c b/src/protocol.c
index 3c20f3b..a3fa5f1 100644 (file)
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.c,v 1.28.4.19 2000/06/30 21:03:51 guus Exp $
+    $Id: protocol.c,v 1.28.4.20 2000/08/07 14:52:15 guus Exp $
 */
 
 #include "config.h"
@@ -120,6 +120,32 @@ cp
   return 0;
 }
 
+/* Evil hack - TCP tunneling is bad */
+int send_tcppacket(conn_list_t *cl, void *data, int len)
+{
+cp
+  if(debug_lvl > 1)
+    syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
+          cl->vpn_hostname, cl->real_hostname);
+
+  buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
+
+  if((write(cl->meta_socket, buffer, buflen)) < 0)
+    {
+      syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
+      return -1;
+    }
+
+  if((write(cl->meta_socket, data, len)) < 0)
+    {
+      syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
+      return -1;
+    }
+  
+cp
+  return 0;
+}
+
 int send_ping(conn_list_t *cl)
 {
 cp
@@ -638,6 +664,50 @@ cp
   return 0;
 }
 
+int tcppacket_h(conn_list_t *cl)
+{
+  char packet[1600];
+  int len;
+cp
+  if(!cl->status.active)
+    {
+      syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
+              cl->vpn_hostname, cl->real_hostname);
+      return -1;
+    }
+
+  if(sscanf(cl->buffer, "%*d %d", &len) != 1)
+    {
+       syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
+              cl->vpn_hostname, cl->real_hostname);
+       return -1;
+    }  
+
+  if(len>1600)
+    {
+       syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
+              cl->vpn_hostname, cl->real_hostname);
+       return -1;
+    }  
+
+  if(debug_lvl > 1)
+    syslog(LOG_DEBUG, _("Got PACKET from %s (%s)"),
+              cl->vpn_hostname, cl->real_hostname);
+
+  /* Evil kludge comming up */
+  if(read(cl->meta_socket,packet,len)!=len)
+    {
+       syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s)"),
+              cl->vpn_hostname, cl->real_hostname);
+       return -1;
+    }  
+
+  xrecv(cl,packet);    
+cp
+  return 0;
+}
+
+
 int ping_h(conn_list_t *cl)
 {
 cp
@@ -963,13 +1033,19 @@ int (*request_handlers[256])(conn_list_t*) = {
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
   req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
   0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0
 };

diff --git a/src/protocol.h b/src/protocol.h
index 110dde8..fecaa88 100644 (file)
--- a/src/protocol.h
+++ b/src/protocol.h
@@ -16,7 +16,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: protocol.h,v 1.5.4.3 2000/06/29 17:09:08 guus Exp $
+    $Id: protocol.h,v 1.5.4.4 2000/08/07 14:52:16 guus Exp $
 */
 
 #ifndef __TINC_PROTOCOL_H__
@@ -59,6 +59,7 @@ enum {
   CALCULATE = 100,      /* calculate the following numer^privkey and send me the result */  
   CALC_RES,             /* result of the above */
   ALMOST_KEY,           /* this number^privkey is the shared key */
+  PACKET = 110,                /* TCP tunneled network packet */
   REQ_KEY = 160,        /* request public key */
   ANS_KEY,              /* answer to such request */
   KEY_CHANGED,         /* public key has changed */