projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Don't tarpit localhost connections
[tinc]
/
src
/
subnet.c
diff --git
a/src/subnet.c
b/src/subnet.c
index
ffc82a6
..
94000cc
100644
(file)
--- a/
src/subnet.c
+++ b/
src/subnet.c
@@
-1,6
+1,6
@@
/*
subnet.c -- handle subnet lookups and lists
/*
subnet.c -- handle subnet lookups and lists
- Copyright (C) 2000-20
17
Guus Sliepen <guus@tinc-vpn.org>,
+ Copyright (C) 2000-20
22
Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
2000-2005 Ivo Timmermans
This program is free software; you can redistribute it and/or modify
@@
-22,6
+22,7
@@
#include "splay_tree.h"
#include "control_common.h"
#include "splay_tree.h"
#include "control_common.h"
+#include "crypto.h"
#include "hash.h"
#include "logger.h"
#include "net.h"
#include "hash.h"
#include "logger.h"
#include "net.h"
@@
-30,6
+31,7
@@
#include "script.h"
#include "subnet.h"
#include "xalloc.h"
#include "script.h"
#include "subnet.h"
#include "xalloc.h"
+#include "sandbox.h"
/* lists type of subnet */
uint32_t hash_seed;
/* lists type of subnet */
uint32_t hash_seed;
@@
-83,7
+85,7
@@
static uint32_t hash_function_ipv6_t(const ipv6_t *p) {
uint32_t hash = hash_seed;
for(int i = 0; i < 4; i++) {
uint32_t hash = hash_seed;
for(int i = 0; i < 4; i++) {
- hash
+= fullwidth[i]
;
+ hash
= wrapping_add32(hash, fullwidth[i])
;
hash = wrapping_mul32(hash, 0x9e370001U);
}
hash = wrapping_mul32(hash, 0x9e370001U);
}
@@
-95,7
+97,7
@@
static uint32_t hash_function_mac_t(const mac_t *p) {
uint32_t hash = hash_seed;
for(int i = 0; i < 3; i++) {
uint32_t hash = hash_seed;
for(int i = 0; i < 3; i++) {
- hash
+= halfwidth[i]
;
+ hash
= wrapping_add32(hash, halfwidth[i])
;
hash = wrapping_mul32(hash, 0x9e370001U);
}
hash = wrapping_mul32(hash, 0x9e370001U);
}
@@
-128,7
+130,10
@@
void subnet_cache_flush_table(subnet_type_t stype) {
/* Initialising trees */
void init_subnets(void) {
/* Initialising trees */
void init_subnets(void) {
- hash_seed = (uint32_t)rand();
+ hash_seed = prng(UINT32_MAX);
+
+ // tables need to be cleared on startup
+ subnet_cache_flush_tables();
}
void exit_subnets(void) {
}
void exit_subnets(void) {
@@
-158,7
+163,7
@@
void subnet_cache_flush_tables(void) {
hash_clear(mac_t, &mac_cache);
}
hash_clear(mac_t, &mac_cache);
}
-void subnet_cache_flush(subnet_t *subnet) {
+
static
void subnet_cache_flush(subnet_t *subnet) {
switch(subnet->type) {
case SUBNET_IPV4:
if(subnet->net.ipv4.prefixlength == 32) {
switch(subnet->type) {
case SUBNET_IPV4:
if(subnet->net.ipv4.prefixlength == 32) {
@@
-317,8
+322,12
@@
subnet_t *lookup_subnet_ipv6(const ipv6_t *address) {
}
void subnet_update(node_t *owner, subnet_t *subnet, bool up) {
}
void subnet_update(node_t *owner, subnet_t *subnet, bool up) {
+ if(!sandbox_can(START_PROCESSES, RIGHT_NOW)) {
+ return;
+ }
+
char netstr[MAXNETSTR];
char netstr[MAXNETSTR];
- char *
name, *
address, *port;
+ char *address, *port;
char empty[] = "";
// Prepare environment variables to be passed to the script
char empty[] = "";
// Prepare environment variables to be passed to the script
@@
-338,7
+347,7
@@
void subnet_update(node_t *owner, subnet_t *subnet, bool up) {
int env_subnet = environment_add(&env, NULL);
int env_weight = environment_add(&env, NULL);
int env_subnet = environment_add(&env, NULL);
int env_weight = environment_add(&env, NULL);
- name = up ? "subnet-up" : "subnet-down";
+
const char *
name = up ? "subnet-up" : "subnet-down";
if(!subnet) {
for splay_each(subnet_t, subnet, &owner->subnet_tree) {
if(!subnet) {
for splay_each(subnet_t, subnet, &owner->subnet_tree) {