+static bool setup_myself(void) {
+ char *name, *hostname, *cipher, *digest, *type;
+ char *fname = NULL;
+ char *address = NULL;
+
+ if(!(name = get_name())) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Name for tinc daemon required!");
+ return false;
+ }
+
+ myself = new_node();
+ myself->connection = new_connection();
+ myself->name = name;
+ myself->connection->name = xstrdup(name);
+ xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, name);
+ read_config_options(config_tree, name);
+ read_config_file(config_tree, fname);
+ free(fname);
+
+ if(!get_config_string(lookup_config(config_tree, "Port"), &myport))
+ myport = xstrdup("655");
+
+ xasprintf(&myself->hostname, "MYSELF port %s", myport);
+ myself->connection->hostname = xstrdup(myself->hostname);
+
+ myself->connection->options = 0;
+ myself->connection->protocol_major = PROT_MAJOR;
+ myself->connection->protocol_minor = PROT_MINOR;
+
+ myself->options |= PROT_MINOR << 24;
+
+ get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental);
+
+ if(experimental && !read_ecdsa_private_key())
+ return false;
+
+ if(!read_rsa_private_key())
+ return false;
+
+ if(!atoi(myport)) {
+ struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM);
+ sockaddr_t sa;
+ if(!ai || !ai->ai_addr)
+ return false;
+ free(myport);
+ memcpy(&sa, ai->ai_addr, ai->ai_addrlen);
+ sockaddr2str(&sa, NULL, &myport);
+ }
+
+ /* Read in all the subnets specified in the host configuration file */
+
+ for(config_t *cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
+ subnet_t *subnet;
+
+ if(!get_config_subnet(cfg, &subnet))
+ return false;
+
+ subnet_add(myself, subnet);
+ }
+
+ /* Check some options */
+
+ if(!setup_myself_reloadable())
+ return false;
+
+ get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
+ get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
+ strictsubnets |= tunnelserver;
+
+
+
+ if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
+ if(udp_rcvbuf <= 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "UDPRcvBuf cannot be negative!");
+ return false;
+ }
+ }
+
+ if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) {
+ if(udp_sndbuf <= 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "UDPSndBuf cannot be negative!");
+ return false;
+ }
+ }
+
+ int replaywin_int;
+ if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) {
+ if(replaywin_int < 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "ReplayWindow cannot be negative!");
+ return false;
+ }
+ replaywin = (unsigned)replaywin_int;
+ sptps_replaywin = replaywin;
+ }
+
+ /* Generate packet encryption key */
+
+ if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
+ cipher = xstrdup("blowfish");
+
+ if(!cipher_open_by_name(&myself->incipher, cipher)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized cipher type!");
+ return false;
+ }
+
+ free(cipher);
+
+ send_key_changed();
+ timeout_add(&keyexpire_timeout, keyexpire_handler, &keyexpire_timeout, &(struct timeval){keylifetime, rand() % 100000});
+
+ /* Check if we want to use message authentication codes... */
+
+ int maclength = 4;
+ get_config_int(lookup_config(config_tree, "MACLength"), &maclength);
+
+ if(maclength < 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Bogus MAC length!");
+ return false;
+ }
+
+ if(!get_config_string(lookup_config(config_tree, "Digest"), &digest))
+ digest = xstrdup("sha1");
+
+ if(!digest_open_by_name(&myself->indigest, digest, maclength)) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized digest type!");
+ return false;
+ }
+
+ free(digest);
+
+ /* Compression */
+
+ if(get_config_int(lookup_config(config_tree, "Compression"), &myself->incompression)) {
+ if(myself->incompression < 0 || myself->incompression > 11) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Bogus compression level!");
+ return false;
+ }
+ } else
+ myself->incompression = 0;
+
+ myself->connection->outcompression = 0;
+
+ /* Done */
+
+ myself->nexthop = myself;
+ myself->via = myself;
+ myself->status.reachable = true;
+ myself->last_state_change = time(NULL);
+ myself->status.sptps = experimental;
+ node_add(myself);
+
+ graph();
+
+ if(strictsubnets)
+ load_all_subnets();
+ else if(autoconnect)
+ load_all_nodes();
+
+ /* Open device */
+
+ devops = os_devops;
+
+ if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
+ if(!strcasecmp(type, "dummy"))
+ devops = dummy_devops;
+ else if(!strcasecmp(type, "raw_socket"))
+ devops = raw_socket_devops;
+ else if(!strcasecmp(type, "multicast"))
+ devops = multicast_devops;
+#ifdef ENABLE_UML
+ else if(!strcasecmp(type, "uml"))
+ devops = uml_devops;
+#endif
+#ifdef ENABLE_VDE
+ else if(!strcasecmp(type, "vde"))
+ devops = vde_devops;
+#endif
+ }
+
+ if(!devops.setup())
+ return false;
+
+ if(device_fd >= 0)
+ io_add(&device_io, handle_device_data, NULL, device_fd, IO_READ);
+
+ /* Run tinc-up script to further initialize the tap interface */
+ char *envp[5];
+ xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
+ xasprintf(&envp[1], "DEVICE=%s", device ? : "");
+ xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
+ xasprintf(&envp[3], "NAME=%s", myself->name);
+ envp[4] = NULL;
+
+ execute_script("tinc-up", envp);
+
+ for(int i = 0; i < 4; i++)
+ free(envp[i]);
+
+ /* Run subnet-up scripts for our own subnets */
+
+ subnet_update(myself, NULL, true);
+
+ /* Open sockets */
+
+ if(!do_detach && getenv("LISTEN_FDS")) {
+ sockaddr_t sa;
+ socklen_t salen;
+
+ listen_sockets = atoi(getenv("LISTEN_FDS"));
+#ifdef HAVE_UNSETENV
+ unsetenv("LISTEN_FDS");
+#endif
+
+ if(listen_sockets > MAXSOCKETS) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
+ return false;
+ }
+
+ for(int i = 0; i < listen_sockets; i++) {
+ salen = sizeof sa;
+ if(getsockname(i + 3, &sa.sa, &salen) < 0) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Could not get address of listen fd %d: %s", i + 3, sockstrerror(errno));
+ return false;
+ }
+
+#ifdef FD_CLOEXEC
+ fcntl(i + 3, F_SETFD, FD_CLOEXEC);
+#endif
+
+ int udp_fd = setup_vpn_in_socket(&sa);
+ if(udp_fd < 0)
+ return false;
+
+ io_add(&listen_socket[i].tcp, (io_cb_t)handle_new_meta_connection, &listen_socket[i], i + 3, IO_READ);
+ io_add(&listen_socket[i].udp, (io_cb_t)handle_incoming_vpn_data, &listen_socket[i], udp_fd, IO_READ);
+
+ if(debug_level >= DEBUG_CONNECTIONS) {
+ hostname = sockaddr2hostname(&sa);
+ logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
+ free(hostname);
+ }
+
+ memcpy(&listen_socket[i].sa, &sa, salen);
+ }
+ } else {
+ listen_sockets = 0;
+ config_t *cfg = lookup_config(config_tree, "BindToAddress");
+
+ do {
+ get_config_string(cfg, &address);
+ if(cfg)
+ cfg = lookup_config_next(config_tree, cfg);
+
+ char *port = myport;
+
+ if(address) {
+ char *space = strchr(address, ' ');
+ if(space) {
+ *space++ = 0;
+ port = space;
+ }
+
+ if(!strcmp(address, "*"))
+ *address = 0;
+ }
+
+ struct addrinfo *ai, hint = {0};
+ hint.ai_family = addressfamily;
+ hint.ai_socktype = SOCK_STREAM;
+ hint.ai_protocol = IPPROTO_TCP;
+ hint.ai_flags = AI_PASSIVE;
+
+ int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
+ free(address);
+
+ if(err || !ai) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
+ gai_strerror(err));
+ return false;
+ }
+
+ for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) {
+ if(listen_sockets >= MAXSOCKETS) {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
+ return false;
+ }
+
+ int tcp_fd = setup_listen_socket((sockaddr_t *) aip->ai_addr);
+
+ if(tcp_fd < 0)
+ continue;
+
+ int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
+
+ if(tcp_fd < 0) {
+ close(tcp_fd);
+ continue;
+ }
+
+ io_add(&listen_socket[listen_sockets].tcp, handle_new_meta_connection, &listen_socket[listen_sockets], tcp_fd, IO_READ);
+ io_add(&listen_socket[listen_sockets].udp, handle_incoming_vpn_data, &listen_socket[listen_sockets], udp_fd, IO_READ);
+
+ if(debug_level >= DEBUG_CONNECTIONS) {
+ hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
+ logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
+ free(hostname);
+ }
+
+ memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
+ listen_sockets++;
+ }
+
+ freeaddrinfo(ai);
+ } while(cfg);
+ }
+
+ if(listen_sockets)
+ logger(DEBUG_ALWAYS, LOG_NOTICE, "Ready");
+ else {
+ logger(DEBUG_ALWAYS, LOG_ERR, "Unable to create any listening socket!");
+ return false;
+ }
+
+ last_config_check = time(NULL);
+
+ return true;
+}
+
+/*
+ initialize network
+*/
+bool setup_network(void) {
+ init_connections();
+ init_subnets();
+ init_nodes();
+ init_edges();
+ init_requests();
+
+ if(get_config_int(lookup_config(config_tree, "PingInterval"), &pinginterval)) {
+ if(pinginterval < 1) {
+ pinginterval = 86400;
+ }
+ } else
+ pinginterval = 60;
+
+ if(!get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout))
+ pingtimeout = 5;
+ if(pingtimeout < 1 || pingtimeout > pinginterval)
+ pingtimeout = pinginterval;
+
+ if(!get_config_int(lookup_config(config_tree, "MaxOutputBufferSize"), &maxoutbufsize))
+ maxoutbufsize = 10 * MTU;
+
+ if(!setup_myself())
+ return false;
+
+ return true;