projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Log unauthorized Subnets when StrictSubnets is set.
[tinc]
/
src
/
protocol_subnet.c
diff --git
a/src/protocol_subnet.c
b/src/protocol_subnet.c
index
7098e2a
..
9ae491d
100644
(file)
--- a/
src/protocol_subnet.c
+++ b/
src/protocol_subnet.c
@@
-112,6
+112,15
@@
bool add_subnet_h(connection_t *c) {
return true;
}
return true;
}
+ /* Ignore if strictsubnets is true, but forward it to others */
+
+ if(strictsubnets) {
+ logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
+ "ADD_SUBNET", c->name, c->hostname, subnetstr);
+ forward_request(c);
+ return true;
+ }
+
/* If everything is correct, add the subnet to the list of the owner */
*(new = new_subnet()) = s;
/* If everything is correct, add the subnet to the list of the owner */
*(new = new_subnet()) = s;
@@
-198,6
+207,8
@@
bool del_subnet_h(connection_t *c) {
if(!find) {
ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which does not appear in his subnet tree",
"DEL_SUBNET", c->name, c->hostname, name);
if(!find) {
ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which does not appear in his subnet tree",
"DEL_SUBNET", c->name, c->hostname, name);
+ if(strictsubnets)
+ forward_request(c);
return true;
}
return true;
}
@@
-216,6
+227,8
@@
bool del_subnet_h(connection_t *c) {
/* Tell the rest */
forward_request(c);
/* Tell the rest */
forward_request(c);
+ if(strictsubnets)
+ return true;
/* Finally, delete it. */
/* Finally, delete it. */