2 protocol.c -- handle the meta-protocol
3 Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: protocol.c,v 1.28.4.20 2000/08/07 14:52:15 guus Exp $
25 #include <sys/types.h>
30 #include <sys/socket.h>
/* Scratch buffer that every send_* routine below formats its request into;
   each call overwrites the previous contents.
   NOTE(review): one shared buffer makes these routines non-reentrant --
   confirm none of them can run from a signal handler or a second thread. */
45 char buffer[MAXBUFSIZE+1];
48 /* Outgoing request routines */
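/* Send an ACK request to the peer: formats "<ACK>\n" into the shared buffer
   and writes it to cl->meta_socket. A failed write() is logged. */
50 int send_ack(conn_list_t *cl)
54 syslog(LOG_DEBUG, _("Sending ACK to %s (%s)"),
55 cl->vpn_hostname, cl->real_hostname);
57 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK);
/* Only a negative return counts as failure; a short write goes unnoticed. */
59 if((write(cl->meta_socket, buffer, buflen)) < 0)
/* __FILE__ is a string literal, so it is printed with %s (the original used
   %d, a format/argument mismatch; every other send_* routine uses %s:%d). */
61 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);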
/* Ask the peer to terminate the connection: sends
   "<TERMREQ> <our vpn_ip in hex>\n" on cl->meta_socket. */
68 int send_termreq(conn_list_t *cl)
72 syslog(LOG_DEBUG, _("Sending TERMREQ to %s (%s)"),
73 cl->vpn_hostname, cl->real_hostname);
/* %lx requires myself->vpn_ip to be an unsigned long -- TODO confirm against ip_t. */
75 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip);
/* Only a negative return counts as failure; a short write goes unnoticed. */
77 if(write(cl->meta_socket, buffer, buflen) < 0)
80 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Tell the peer that it timed out: sends "<PINGTIMEOUT> <our vpn_ip in hex>\n"
   on cl->meta_socket. A failed write() is logged. */
87 int send_timeout(conn_list_t *cl)
91 syslog(LOG_DEBUG, _("Sending TIMEOUT to %s (%s)"),
92 cl->vpn_hostname, cl->real_hostname);
94 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip);
/* Only a negative return counts as failure; a short write goes unnoticed. */
96 if((write(cl->meta_socket, buffer, buflen)) < 0)
98 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Announce to peer cl that new_host has left the VPN: sends
   "<DEL_HOST> <new_host->vpn_ip in hex>\n" on cl->meta_socket.
   Despite its name, new_host is the host being removed. */
105 int send_del_host(conn_list_t *cl, conn_list_t *new_host)
109 syslog(LOG_DEBUG, _("Sending DEL_HOST for %s (%s) to %s (%s)"),
110 new_host->vpn_hostname, new_host->real_hostname, cl->vpn_hostname, cl->real_hostname);
112 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip);
/* Only a negative return counts as failure; a short write goes unnoticed. */
114 if((write(cl->meta_socket, buffer, buflen)) < 0)
116 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
123 /* Evil hack - TCP tunneling is bad */
/* Tunnel one data packet over the meta connection: first a header line
   "<PACKET> <len>\n", then len raw bytes from data, both on cl->meta_socket.
   NOTE(review): len is not validated in the visible lines. A negative value
   converts to a very large size_t in the second write(); callers must
   guarantee 0 <= len and that data holds at least len bytes. */
124 int send_tcppacket(conn_list_t *cl, void *data, int len)
128 syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
129 cl->vpn_hostname, cl->real_hostname);
131 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
133 if((write(cl->meta_socket, buffer, buflen)) < 0)
135 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* A short write here is not detected, yet the receiving handler
   (tcppacket_h) reads exactly the announced length, so a partial payload
   would leave the request stream out of step with the header. */
139 if((write(cl->meta_socket, data, len)) < 0)
141 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send a keep-alive probe: writes "<PING>\n" to cl->meta_socket.
   A failed write() is logged. */
149 int send_ping(conn_list_t *cl)
153 syslog(LOG_DEBUG, _("Sending PING to %s (%s)"),
154 cl->vpn_hostname, cl->real_hostname);
156 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING);
/* Only a negative return counts as failure; a short write goes unnoticed. */
158 if((write(cl->meta_socket, buffer, buflen)) < 0)
160 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Answer a keep-alive probe: writes "<PONG>\n" to cl->meta_socket.
   A failed write() is logged. */
167 int send_pong(conn_list_t *cl)
171 syslog(LOG_DEBUG, _("Sending PONG to %s (%s)"),
172 cl->vpn_hostname, cl->real_hostname);
174 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG);
/* Only a negative return counts as failure; a short write goes unnoticed. */
176 if((write(cl->meta_socket, buffer, buflen)) < 0)
178 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Announce new_host to peer cl: sends
   "<ADD_HOST> <real_ip> <vpn_ip>/<vpn_mask>:<port> <flags>\n" (addresses and
   port in hex) on cl->meta_socket.
   When new_host has EXPORTINDIRECTDATA set, the announcement carries
   INDIRECTDATA instead and advertises our own vpn_ip as the real address,
   and the debug line then names our own real_hostname rather than new_host's.
   NOTE(review): the %lx/%x/%d conversions require the argument types to match
   (unsigned long addresses, unsigned int port, int flags); the declarations
   are on lines not shown in this listing -- confirm.
   Only a negative write() return counts as failure; a short write goes
   unnoticed. */
185 int send_add_host(conn_list_t *cl, conn_list_t *new_host)
191 real_ip = new_host->real_ip;
192 hostname = new_host->real_hostname;
193 flags = new_host->flags;
195 /* If we need to propagate information about a new host that wants us to export
196 * it's indirectdata flag, we set the INDIRECTDATA flag and unset the EXPORT...
197 * flag, and set it's real_ip to our vpn_ip, so that net.c send_packet() will
201 if(flags & EXPORTINDIRECTDATA)
203 flags &= ~EXPORTINDIRECTDATA;
204 flags |= INDIRECTDATA;
205 real_ip = myself->vpn_ip;
206 hostname = myself->real_hostname;
210 syslog(LOG_DEBUG, _("Sending ADD_HOST for %s (%s) to %s (%s)"),
211 new_host->vpn_hostname, hostname, cl->vpn_hostname, cl->real_hostname);
213 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x %d\n", ADD_HOST, real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port, flags);
215 if((write(cl->meta_socket, buffer, buflen)) < 0)
217 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Tell peer cl that the key of host src has changed: sends
   "<KEY_CHANGED> <src->vpn_ip in hex>\n" on cl->meta_socket. */
224 int send_key_changed(conn_list_t *cl, conn_list_t *src)
228 syslog(LOG_DEBUG, _("Sending KEY_CHANGED origin %s to %s (%s)"),
229 src->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
231 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip);
/* Only a negative return counts as failure; a short write goes unnoticed. */
233 if((write(cl->meta_socket, buffer, buflen)) < 0)
235 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Announce a change of our own key to every connection in conn_list that is
   both a meta connection and active. The result of each send_key_changed()
   call is ignored, so a peer that missed the notice is not retried here. */
242 void send_key_changed_all(void)
246 for(p = conn_list; p != NULL; p = p->next)
247 if(p->status.meta && p->status.active)
248 send_key_changed(p, myself);
/* Open the handshake: sends
   "<BASIC_INFO> <PROT_CURRENT> <vpn_ip>/<vpn_mask>:<port> <flags>\n"
   describing ourselves on cl->meta_socket. This goes out before the peer has
   been authenticated, so it must carry nothing secret. */
252 int send_basic_info(conn_list_t *cl)
256 syslog(LOG_DEBUG, _("Sending BASIC_INFO to %s"),
259 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x %d\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port, myself->flags);
/* Only a negative return counts as failure; a short write goes unnoticed. */
261 if((write(cl->meta_socket, buffer, buflen)) < 0)
263 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send our passphrase in the form produced by encrypt_passphrase():
   "<PASSPHRASE> <tmp.phrase>\n" on cl->meta_socket. */
270 int send_passphrase(conn_list_t *cl)
/* NOTE(review): whether tmp.phrase is heap-allocated and who releases it is
   not visible in this listing -- confirm it is freed after the send. */
274 encrypt_passphrase(&tmp);
277 syslog(LOG_DEBUG, _("Sending PASSPHRASE to %s (%s)"),
278 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): the snprintf() result is used as the write length unchecked.
   If tmp.phrase does not fit, C99 snprintf returns the untruncated length
   (older C libraries return -1), so write() would be given a length larger
   than what was stored. Check for buflen < 0 || buflen >= MAXBUFSIZE before
   sending. */
280 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
282 if((write(cl->meta_socket, buffer, buflen)) < 0)
284 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send our public key: "<PUBLIC_KEY> <my_public_key_base36>\n" on
   cl->meta_socket. */
291 int send_public_key(conn_list_t *cl)
295 syslog(LOG_DEBUG, _("Sending PUBLIC_KEY to %s (%s)"),
296 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): the snprintf() result is used as the write length unchecked.
   If the key text does not fit in MAXBUFSIZE the returned length exceeds
   what was stored; check for buflen < 0 || buflen >= MAXBUFSIZE before
   sending. */
298 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
300 if((write(cl->meta_socket, buffer, buflen)) < 0)
302 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
309 /* What does this function do? (GS)
310 int send_calculate(conn_list_t *cl, char *k)
313 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k);
315 if((write(cl->meta_socket, buffer, buflen)) < 0)
317 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Ask host `to` for its key: looks up the connection entry for `to` and sends
   "<REQ_KEY> <to> <our vpn_ip>\n" (addresses in hex) to that entry's next hop,
   then marks the entry as waiting for a key.
   NOTE(review): the check of lookup_conn()'s result is on lines not shown in
   this listing; fw and fw->nexthop must both be non-NULL before the
   dereferences below -- confirm. */
325 int send_key_request(ip_t to)
329 fw = lookup_conn(to);
332 syslog(LOG_ERR, _("Attempting to send REQ_KEY to %d.%d.%d.%d, which does not exist?"),
338 syslog(LOG_DEBUG, _("Sending REQ_KEY to %s (%s)"),
339 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
341 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip);
343 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
345 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
348 fw->status.waitingforkey = 1;
/* Answer a key request from host `to`: sends
   "<ANS_KEY> <to> <our vpn_ip> <my_key_expiry> <my_public_key_base36>\n"
   to the next hop of the connection entry found for `to`.
   In the visible lines cl is not used; the reply is routed by lookup_conn(to).
   NOTE(review): fw and fw->nexthop must be non-NULL before use; the check is
   on lines not shown in this listing -- confirm. */
353 int send_key_answer(conn_list_t *cl, ip_t to)
358 fw = lookup_conn(to);
362 syslog(LOG_ERR, _("Attempting to send ANS_KEY to %d.%d.%d.%d, which does not exist?"),
368 syslog(LOG_DEBUG, _("Sending ANS_KEY to %s (%s)"),
369 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* NOTE(review): %d requires my_key_expiry to be an int -- TODO confirm.
   The snprintf() result is used as the write length unchecked; if the key
   text does not fit in MAXBUFSIZE the returned length exceeds what was
   stored. Check for buflen < 0 || buflen >= MAXBUFSIZE before sending. */
371 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36);
373 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
375 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
383 notify all my direct connections of a new host
384 that was added to the vpn, with the exception
385 of the source of the announcement.
/* Walk conn_list and select every connection that is a meta connection and
   active, skipping both `new` (the subject of the announcement) and `source`
   (the peer the announcement came from, which may be NULL).
   The call through `function` for each selected connection is on lines not
   shown in this listing. */
387 int notify_others(conn_list_t *new, conn_list_t *source,
388 int (*function)(conn_list_t*, conn_list_t*))
392 for(p = conn_list; p != NULL; p = p->next)
393 if(p != new && p != source && p->status.meta && p->status.active)
400 notify one connection of everything
/* Bring one connection up to date: sends `new` an ADD_HOST for every other
   active entry in conn_list. The result of each send_add_host() call is
   ignored. */
403 int notify_one(conn_list_t *new)
407 for(p = conn_list; p != NULL; p = p->next)
408 if(p != new && p->status.active)
409 send_add_host(new, p);
415 The incoming request handlers
/* Handle BASIC_INFO, the first handshake request: parses the peer's protocol
   version, vpn_ip/vpn_mask, port and flags from cl->buffer into cl, resolves
   a name for the claimed vpn_ip, rejects a protocol version other than
   PROT_CURRENT, and sets up the VPN connection.
   Everything parsed here is unauthenticated, peer-supplied data.
   NOTE(review): on an outgoing connection, a claimed vpn_ip that is already in
   the connection list flips old->status.outgoing and terminates cl. That is a
   state change on an existing entry made on the strength of an unverified
   claim -- confirm this is acceptable before the passphrase check. */
418 int basic_info_h(conn_list_t *cl)
423 syslog(LOG_DEBUG, _("Got BASIC_INFO from %s"), cl->real_hostname);
/* NOTE(review): the conversions write through the member addresses, so the
   members must be exactly unsigned long (%lx), unsigned short (%hx) and int
   (%d); a narrower member would be overrun. Declarations are not visible in
   this listing -- confirm. */
425 if(sscanf(cl->buffer, "%*d %d %lx/%lx:%hx %d", &cl->protocol_version, &cl->vpn_ip, &cl->vpn_mask, &cl->port, &cl->flags) != 5)
427 syslog(LOG_ERR, _("Got bad BASIC_INFO from %s"),
/* NOTE(review): the lookup runs on a peer-chosen address before the version
   check and before authentication. If hostlookup() does a blocking reverse
   DNS query (not visible here) an unauthenticated peer can stall the daemon,
   and the resulting name is later written to the log via %s. */
432 cl->vpn_hostname = hostlookup(htonl(cl->vpn_ip));
434 if(cl->protocol_version != PROT_CURRENT)
436 syslog(LOG_ERR, _("Peer uses incompatible protocol version %d"),
437 cl->protocol_version);
441 if(cl->status.outgoing)
443 /* First check if the host we connected to is already in our
444 connection list. If so, we are probably making a loop, which
448 if(old=lookup_conn(cl->vpn_ip))
451 syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"),
452 cl->vpn_hostname, cl->real_hostname);
453 cl->status.outgoing = 0;
454 old->status.outgoing = 1;
455 terminate_connection(cl);
459 if(setup_vpn_connection(cl) < 0)
466 if(setup_vpn_connection(cl) < 0)
/* Handle PASSPHRASE: allocates cl->pp and stores the phrase sent by the peer
   (still unauthenticated at this point) together with its length. */
474 int passphrase_h(conn_list_t *cl)
/* NOTE(review): cl->pp is assigned unconditionally, so a second PASSPHRASE on
   the same connection drops the previous allocation without freeing it in the
   visible lines. Reject a repeat, or free the old value first. */
477 cl->pp = xmalloc(sizeof(*(cl->pp)));
/* "%as" is the old glibc allocate-a-string extension. Under C99 scanf rules
   %a is a floating-point conversion, and POSIX.1-2008 spells the allocating
   form "%ms". The allocation is bounded only by the length of cl->buffer, and
   on the failure path cl->pp itself must still be released -- the cleanup is
   on lines not shown in this listing, confirm. */
479 if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
481 syslog(LOG_ERR, _("Got bad PASSPHRASE from %s (%s)"),
482 cl->vpn_hostname, cl->real_hostname);
485 cl->pp->len = strlen(cl->pp->phrase);
488 syslog(LOG_DEBUG, _("Got PASSPHRASE from %s (%s)"),
489 cl->vpn_hostname, cl->real_hostname);
491 if(cl->status.outgoing)
/* Handle PUBLIC_KEY, the step that authenticates the peer: parses the key
   text into g_n, checks the previously received passphrase against it with
   verify_passphrase(), and on success removes any older entry with the same
   vpn_ip, marks the connection active and announces it to the other peers.
   A non-zero result from verify_passphrase() is logged as an intruder.
   NOTE(review): nothing in the visible lines checks that a PASSPHRASE was
   received first (that cl->pp is set) -- confirm verify_passphrase() or the
   dispatcher enforces the order.
   NOTE(review): g_n is allocated by the "%as" conversion (old glibc
   extension; POSIX spells it "%ms"); where it is freed is not visible in this
   listing -- confirm every exit path releases it. */
499 int public_key_h(conn_list_t *cl)
504 if(sscanf(cl->buffer, "%*d %as", &g_n) != 1)
506 syslog(LOG_ERR, _("Got bad PUBLIC_KEY from %s (%s)"),
507 cl->vpn_hostname, cl->real_hostname);
512 syslog(LOG_DEBUG, _("Got PUBLIC_KEY from %s (%s)"),
513 cl->vpn_hostname, cl->real_hostname);
515 if(verify_passphrase(cl, g_n))
518 syslog(LOG_ERR, _("Intruder from %s: passphrase for %s does not match!"),
519 cl->real_hostname, cl->vpn_hostname);
523 if(cl->status.outgoing)
529 /* Okay, before we active the connection, we check if there is another entry
530 in the connection list with the same vpn_ip. If so, it presumably is an
531 old connection that has timed out but we don't know it yet.
534 while(old = lookup_conn(cl->vpn_ip))
537 syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
538 cl->vpn_hostname, old->real_hostname, cl->real_hostname);
539 old->status.active = 0;
540 terminate_connection(old);
543 cl->status.active = 1;
546 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
547 cl->vpn_hostname, cl->real_hostname);
549 notify_others(cl, NULL, send_add_host);
/* Handle ACK: marks the connection active and announces it to the other
   peers with ADD_HOST.
   NOTE(review): status.active is the flag every other handler uses to reject
   "unauthorized" requests, and the visible lines set it with no precondition.
   Confirm that an ACK is only honoured after the passphrase/public-key
   exchange on this connection has succeeded (here or in the dispatcher);
   otherwise require that state explicitly before the assignment. */
556 int ack_h(conn_list_t *cl)
560 syslog(LOG_DEBUG, _("Got ACK from %s (%s)"),
561 cl->vpn_hostname, cl->real_hostname);
563 cl->status.active = 1;
566 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
567 cl->vpn_hostname, cl->real_hostname);
569 notify_others(cl, NULL, send_add_host);
/* Handle TERMREQ: a request from a connection that is not yet active is
   logged as unauthorized; otherwise the connection is flagged termreq and
   terminated. */
577 int termreq_h(conn_list_t *cl)
580 if(!cl->status.active)
582 syslog(LOG_ERR, _("Got unauthorized TERMREQ from %s (%s)"),
583 cl->vpn_hostname, cl->real_hostname);
588 syslog(LOG_DEBUG, _("Got TERMREQ from %s (%s)"),
589 cl->vpn_hostname, cl->real_hostname);
591 cl->status.termreq = 1;
593 terminate_connection(cl);
/* Handle TIMEOUT: a request from a connection that is not yet active is
   logged as unauthorized; otherwise the connection is flagged termreq and
   terminated, the same way termreq_h does. */
598 int timeout_h(conn_list_t *cl)
601 if(!cl->status.active)
603 syslog(LOG_ERR, _("Got unauthorized TIMEOUT from %s (%s)"),
604 cl->vpn_hostname, cl->real_hostname);
609 syslog(LOG_DEBUG, _("Got TIMEOUT from %s (%s)"),
610 cl->vpn_hostname, cl->real_hostname);
612 cl->status.termreq = 1;
613 terminate_connection(cl);
/* Handle DEL_HOST from an active peer: parses the vpn_ip being removed, looks
   up its connection entry, forwards the DEL_HOST to the other peers and
   terminates that entry. A DEL_HOST naming our own vpn_ip is logged as a
   corrupted connection list.
   NOTE(review): the only authorization visible is that cl is active; nothing
   ties cl to the host it asks to delete, so any active peer can have any
   entry removed. Treat every active peer as fully trusted for topology, or
   add an ownership check. */
618 int del_host_h(conn_list_t *cl)
623 if(!cl->status.active)
625 syslog(LOG_ERR, _("Got unauthorized DEL_HOST from %s (%s)"),
626 cl->vpn_hostname, cl->real_hostname);
/* %lx requires vpn_ip to be an unsigned long -- TODO confirm against ip_t. */
630 if(sscanf(cl->buffer, "%*d %lx", &vpn_ip) != 1)
632 syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"),
633 cl->vpn_hostname, cl->real_hostname);
637 if(!(fw = lookup_conn(vpn_ip)))
639 syslog(LOG_ERR, _("Got DEL_HOST for %d.%d.%d.%d from %s (%s) which does not exist?"),
640 IP_ADDR_V(vpn_ip), cl->vpn_hostname, cl->real_hostname);
644 /* Connections lists are really messed up if this happens */
645 if(vpn_ip == myself->vpn_ip)
647 syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"),
648 cl->vpn_hostname, cl->real_hostname);
654 syslog(LOG_DEBUG, _("Got DEL_HOST for %s (%s) from %s (%s)"),
655 fw->vpn_hostname, fw->real_hostname, cl->vpn_hostname, cl->real_hostname);
/* Forward first, excluding the peer the request came from. */
657 notify_others(fw, cl, send_del_host);
659 fw->status.termreq = 1;
660 fw->status.active = 0;
662 terminate_connection(fw);
/* Handle PACKET (data tunnelled over the meta connection) from an active
   peer: parses the announced payload length, then reads that many raw bytes
   from cl->meta_socket into `packet`. */
667 int tcppacket_h(conn_list_t *cl)
672 if(!cl->status.active)
674 syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
675 cl->vpn_hostname, cl->real_hostname);
/* len is a signed int taken straight from the peer. */
679 if(sscanf(cl->buffer, "%*d %d", &len) != 1)
681 syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
682 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): the size test that guards this message is on a line not shown
   in this listing. It must reject len <= 0 as well as values larger than the
   `packet` buffer: a negative len converts to a very large size_t in the
   read() below. */
688 syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
689 cl->vpn_hostname, cl->real_hostname);
694 syslog(LOG_DEBUG, _("Got PACKET from %s (%s)"),
695 cl->vpn_hostname, cl->real_hostname);
697 /* Evil kludge coming up */
/* A single read() on a stream socket may legitimately return fewer than len
   bytes; that case is reported as an error here instead of being retried. */
698 if(read(cl->meta_socket,packet,len)!=len)
700 syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s)"),
701 cl->vpn_hostname, cl->real_hostname);
/* Handle PING from an active peer: clears the pinged flag and sets got_pong,
   so an incoming PING also counts as proof of life. A reply, if one is sent,
   is on lines not shown in this listing. */
711 int ping_h(conn_list_t *cl)
714 if(!cl->status.active)
716 syslog(LOG_ERR, _("Got unauthorized PING from %s (%s)"),
717 cl->vpn_hostname, cl->real_hostname);
722 syslog(LOG_DEBUG, _("Got PING from %s (%s)"),
723 cl->vpn_hostname, cl->real_hostname);
725 cl->status.pinged = 0;
726 cl->status.got_pong = 1;
/* Handle PONG from an active peer: records that the reply arrived by setting
   got_pong. A PONG on a connection that is not active is logged as
   unauthorized. */
733 int pong_h(conn_list_t *cl)
736 if(!cl->status.active)
738 syslog(LOG_ERR, _("Got unauthorized PONG from %s (%s)"),
739 cl->vpn_hostname, cl->real_hostname);
744 syslog(LOG_DEBUG, _("Got PONG from %s (%s)"),
745 cl->vpn_hostname, cl->real_hostname);
747 cl->status.got_pong = 1;
/* Handle ADD_HOST from an active peer: parses real_ip, vpn_ip/vpn_mask, port
   and flags, drops an exact duplicate, replaces an existing entry whose
   real_ip, mask or port differs, then creates a new active entry at the head
   of conn_list and forwards the announcement to the other peers.
   NOTE(review): the only authorization visible is that cl is active. Any
   active peer can therefore replace the entry for any vpn_ip and terminate
   the old one; treat every active peer as fully trusted for topology, or
   check that cl is entitled to announce that address. */
752 int add_host_h(conn_list_t *cl)
759 conn_list_t *ncn, *old;
761 if(!cl->status.active)
763 syslog(LOG_ERR, _("Got unauthorized ADD_HOST from %s (%s)"),
764 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): the targets must be exactly unsigned long (%lx), unsigned
   short (%hx) and int (%d); their declarations are on lines not shown in this
   listing -- confirm. */
768 if(sscanf(cl->buffer, "%*d %lx %lx/%lx:%hx %d", &real_ip, &vpn_ip, &vpn_mask, &port, &flags) != 5)
770 syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"),
771 cl->vpn_hostname, cl->real_hostname);
775 if(old = lookup_conn(vpn_ip))
777 if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port))
780 syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"),
781 old->vpn_hostname, old->real_hostname, cl->vpn_hostname, cl->real_hostname);
782 goto skip_add_host; /* One goto a day keeps the deeply nested if constructions away. */
787 syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"),
788 old->vpn_hostname, old->real_hostname);
789 old->status.active = 0;
790 terminate_connection(old);
794 /* Connections lists are really messed up if this happens */
795 if(vpn_ip == myself->vpn_ip)
797 syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"),
798 cl->vpn_hostname, cl->real_hostname);
803 ncn = new_conn_list();
804 ncn->real_ip = real_ip;
/* NOTE(review): two lookups per request on peer-supplied addresses. If
   hostlookup() performs blocking reverse DNS (not visible here) a single peer
   can slow the daemon, and the returned names are written to the log via %s. */
805 ncn->real_hostname = hostlookup(htonl(real_ip));
806 ncn->vpn_ip = vpn_ip;
807 ncn->vpn_mask = vpn_mask;
808 ncn->vpn_hostname = hostlookup(htonl(vpn_ip));
812 ncn->next = conn_list;
814 ncn->status.active = 1;
817 syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"),
818 ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname);
/* Forward to everyone except the new entry and the peer that told us. */
822 notify_others(ncn, cl, send_add_host);
/* Handle REQ_KEY from an active peer: parses the destination (`to`) and
   origin (`from`) addresses. If `to` falls inside our own subnet we answer
   with send_key_answer(); otherwise the original request line is forwarded
   unchanged to the next hop for `to`. */
827 int req_key_h(conn_list_t *cl)
833 if(!cl->status.active)
835 syslog(LOG_ERR, _("Got unauthorized REQ_KEY from %s (%s)"),
836 cl->vpn_hostname, cl->real_hostname);
/* Both addresses are peer-supplied; `from` is not checked against cl here. */
840 if(sscanf(cl->buffer, "%*d %lx %lx", &to, &from) != 2)
842 syslog(LOG_ERR, _("Got bad REQ_KEY from %s (%s)"),
843 cl->vpn_hostname, cl->real_hostname);
848 syslog(LOG_DEBUG, _("Got REQ_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
849 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
851 if((to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
852 { /* hey! they want something from ME! :) */
853 send_key_answer(cl, from);
857 fw = lookup_conn(to);
861 syslog(LOG_ERR, _("Attempting to forward REQ_KEY to %d.%d.%d.%d, which does not exist?"),
867 syslog(LOG_DEBUG, _("Forwarding REQ_KEY to %s (%s)"),
868 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Puts back the line terminator before the buffer is re-sent verbatim.
   NOTE(review): this indexes cl->buffer[-1] if cl->reqlen is 0; reqlen is set
   outside this listing -- confirm it is always >= 1 here. */
870 cl->buffer[cl->reqlen-1] = '\n';
872 if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0)
874 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
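/* Store a peer's public key on cl and derive the shared key from it.
   cl->public_key receives a private copy of `key` plus its length and expiry;
   cl->key receives a copy of the string returned by make_shared_key(key).
   `key` must be a NUL-terminated string; it is copied, not retained. */
881 void set_keys(conn_list_t *cl, int expiry, char *key)
/* Size the allocation from the pointer being assigned (the original used
   sizeof(*cl->key)), so it stays correct even if the two members ever differ
   in type. */
887 cl->public_key = xmalloc(sizeof(*cl->public_key));
888 cl->public_key->key = NULL;
891 if(cl->public_key->key)
892 free(cl->public_key->key);
893 cl->public_key->length = strlen(key);
894 cl->public_key->expiry = expiry;
/* length + 1 leaves room for the terminating NUL that strcpy() writes. */
895 cl->public_key->key = xmalloc(cl->public_key->length + 1);
896 strcpy(cl->public_key->key, key);
/* NOTE(review): who owns the string returned by make_shared_key() is not
   visible in this listing -- confirm ek is released after it has been copied. */
898 ek = make_shared_key(key);
902 cl->key = xmalloc(sizeof(*cl->key));
/* NOTE(review): cl->key->key holds secret key material. If a previous value
   is released on the lines not shown here, it should be zeroized before
   free(). */
909 cl->key->length = strlen(ek);
910 cl->key->expiry = expiry;
911 cl->key->key = xmalloc(cl->key->length + 1);
912 strcpy(cl->key->key, ek);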
/* Handle ANS_KEY from an active peer: parses destination (`to`), origin
   (`from`), expiry and key text. If the answer is addressed to us, the key is
   installed on the entry for `from` with set_keys() and that entry is marked
   as holding a valid key; otherwise the original request line is forwarded
   unchanged to the next hop for `to`.
   NOTE(review): the key is accepted on the word of whichever active peer
   delivered it. Nothing visible binds the key to `from`, so every hop on the
   path is trusted not to substitute it; end-to-end authentication of the key
   would remove that trust.
   NOTE(review): `key` is allocated by the "%as" conversion (old glibc
   extension; POSIX spells it "%ms"). set_keys() copies it, and no free() is
   visible in this listing -- confirm it is released on every path. */
916 int ans_key_h(conn_list_t *cl)
922 conn_list_t *fw, *gk;
924 if(!cl->status.active)
926 syslog(LOG_ERR, _("Got unauthorized ANS_KEY from %s (%s)"),
927 cl->vpn_hostname, cl->real_hostname);
931 if(sscanf(cl->buffer, "%*d %lx %lx %d %as", &to, &from, &expiry, &key) != 4)
933 syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
934 cl->vpn_hostname, cl->real_hostname);
939 syslog(LOG_DEBUG, _("Got ANS_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
940 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
942 if(to == myself->vpn_ip)
943 { /* hey! that key's for ME! :) */
944 gk = lookup_conn(from);
948 syslog(LOG_ERR, _("Receiving ANS_KEY origin %d.%d.%d.%d from %s (%s), which does not exist?"),
949 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
953 set_keys(gk, expiry, key);
954 gk->status.validkey = 1;
955 gk->status.waitingforkey = 0;
960 fw = lookup_conn(to);
964 syslog(LOG_ERR, _("Attempting to forward ANS_KEY to %d.%d.%d.%d, which does not exist?"),
970 syslog(LOG_DEBUG, _("Forwarding ANS_KEY to %s (%s)"),
971 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Puts back the line terminator before the buffer is re-sent verbatim.
   NOTE(review): this indexes cl->buffer[-1] if cl->reqlen is 0; reqlen is set
   outside this listing -- confirm it is always >= 1 here. */
973 cl->buffer[cl->reqlen-1] = '\n';
975 if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0)
977 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Handle KEY_CHANGED from an active peer: parses the origin address, looks up
   its entry, clears that entry's validkey and waitingforkey flags, and
   forwards the notice to the other peers.
   NOTE(review): any active peer can invalidate the key held for any host this
   way, forcing a fresh key exchange; consider rate-limiting or logging
   repeated notices for the same origin. */
984 int key_changed_h(conn_list_t *cl)
989 if(!cl->status.active)
991 syslog(LOG_ERR, _("Got unauthorized KEY_CHANGED from %s (%s)"),
992 cl->vpn_hostname, cl->real_hostname);
/* %lx requires `from` to be an unsigned long -- TODO confirm against ip_t. */
996 if(sscanf(cl->buffer, "%*d %lx", &from) != 1)
998 syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"),
999 cl->vpn_hostname, cl->real_hostname);
1003 ik = lookup_conn(from);
1007 syslog(LOG_ERR, _("Got KEY_CHANGED origin %d.%d.%d.%d from %s (%s), which does not exist?"),
1008 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
1013 syslog(LOG_DEBUG, _("Got KEY_CHANGED origin %s from %s (%s)"),
1014 ik->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
1016 ik->status.validkey = 0;
1017 ik->status.waitingforkey = 0;
/* Forward to everyone except the origin entry and the peer that told us. */
1019 notify_others(ik, cl, send_key_changed);
1024 int (*request_handlers[256])(conn_list_t*) = {
1025 0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
1026 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1027 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1028 termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
1029 ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
1030 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1031 add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
1032 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1033 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1034 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1035 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1036 tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1037 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1038 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1039 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1040 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1041 req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
1042 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1043 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1044 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1045 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1046 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1047 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1048 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1049 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,