Allow using key & configuration parser from tincd in tinc.
index 097a79c..de79b5e 100644 (file)
--- a/src/net.c
+++ b/src/net.c
@@ -1,7 +1,7 @@
 /*
     net.c -- most of the network code
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2017 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2021 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2011      Loïc Grenié <loic.grenie@gmail.com>
 
@@ -23,6 +23,7 @@
 #include "system.h"
 
 #include "autoconnect.h"
+#include "conf_net.h"
 #include "conf.h"
 #include "connection.h"
 #include "device.h"
@@ -92,6 +93,22 @@ void purge(void) {
        }
 }
 
+/* Put a misbehaving connection in the tarpit */
+void tarpit(int fd) {
+       static int pits[10] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
+       static unsigned int next_pit = 0;
+
+       if(pits[next_pit] != -1) {
+               closesocket(pits[next_pit]);
+       }
+
+       pits[next_pit++] = fd;
+
+       if(next_pit >= sizeof pits / sizeof pits[0]) {
+               next_pit = 0;
+       }
+}
+
 /*
   Terminate a connection:
   - Mark it as inactive
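Review bot: The one-line comment above `tarpit()` does not say that the function takes ownership of `fd`: the descriptor is stored in `pits[]` and only closed when ten later calls bring `next_pit` back to its slot. A caller that also closes the socket would leave a stale number in the ring, and the later `closesocket(pits[next_pit])` could then close an unrelated descriptor that reused that number. I would expand the comment to something like `/* Takes ownership of fd: it stays open until 10 later calls evict it; callers must not close it. */`. It is also worth stating that the hold time depends on how quickly new entries arrive, so a burst of rejected connections shortens the delay for all of them.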
@@ -218,6 +235,7 @@ static void timeout_handler(void *data) {
                                logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout while connecting to %s (%s)", c->name, c->hostname);
                        } else {
                                logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname);
+                               c->status.tarpit = true;
                        }
 
                        terminate_connection(c, c->edge);
@@ -285,6 +303,10 @@ static void periodic_handler(void *data) {
 
 void handle_meta_connection_data(connection_t *c) {
        if(!receive_meta(c)) {
+               if(!c->status.control) {
+                       c->status.tarpit = true;
+               }
+
                terminate_connection(c, c->edge);
                return;
        }
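Review bot: In `handle_meta_connection_data()` the new check sets `c->status.tarpit` for every non-control connection whenever `receive_meta()` returns false, without distinguishing a peer that failed the protocol from one that was already authenticated. If `receive_meta()` also returns false on an ordinary disconnect (its body is not visible here), routine closes from legitimate peers would take slots in the ten-entry ring and evict misbehaving sockets sooner. Consider restricting the flag to connections that have not finished authentication, or add a comment stating why all failures are treated alike, e.g. `/* Any meta failure outside the control socket is tarpitted, including normal disconnects */`. The function continues past the end of this hunk.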
@@ -319,7 +341,7 @@ int reload_configuration(void) {
        exit_configuration(&config_tree);
        init_configuration(&config_tree);
 
-       if(!read_server_config()) {
+       if(!read_server_config(config_tree)) {
                logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file.");
                return EINVAL;
        }
@@ -327,7 +349,7 @@ int reload_configuration(void) {
        read_config_options(config_tree, NULL);
 
        snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, myself->name);
-       read_config_file(config_tree, fname);
+       read_config_file(config_tree, fname, true);
 
        /* Parse some options that are allowed to be changed while tinc is running */
 
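Review bot: The result of `read_config_file(config_tree, fname, true)` is discarded, while `read_server_config(config_tree)` a few lines earlier in the same function is checked and returns `EINVAL` on failure. If `read_config_file()` reports errors through its return value (its declaration is not shown), a missing or unreadable host file would go unnoticed on reload and the daemon would continue with a partial configuration. The `snprintf` into `fname` is likewise not checked for truncation. A short comment on what the bare `true` selects would also help, since the argument's meaning is not visible at the call site. `reload_configuration()` starts and ends outside this hunk.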
@@ -383,20 +405,18 @@ int reload_configuration(void) {
                while(cfg) {
                        subnet_t *subnet, *s2;
 
-                       if(!get_config_subnet(cfg, &subnet)) {
-                               continue;
-                       }
+                       if(get_config_subnet(cfg, &subnet)) {
+                               if((s2 = lookup_subnet(myself, subnet))) {
+                                       if(s2->expires == 1) {
+                                               s2->expires = 0;
+                                       }
 
-                       if((s2 = lookup_subnet(myself, subnet))) {
-                               if(s2->expires == 1) {
-                                       s2->expires = 0;
+                                       free_subnet(subnet);
+                               } else {
+                                       subnet_add(myself, subnet);
+                                       send_add_subnet(everyone, subnet);
+                                       subnet_update(myself, subnet, true);
                                }
-
-                               free_subnet(subnet);
-                       } else {
-                               subnet_add(myself, subnet);
-                               send_add_subnet(everyone, subnet);
-                               subnet_update(myself, subnet, true);
                        }
 
                        cfg = lookup_config_next(config_tree, cfg);
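Review bot: The reworked loop body keeps the bare `s2->expires == 1` / `s2->expires = 0` pair without saying what the value 1 stands for. It looks like a marker for subnets flagged before the reload and cleared when they are still present in the new configuration, but that is an inference from this hunk alone. Once confirmed against where the marker is set, a one-line comment above the inner `if` would make the intent clear, e.g. `/* expires == 1 marks a subnet pending removal; it is still configured, so keep it */`. The enclosing loop and function begin outside the hunk.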