X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fmeta.c;h=3bf28093f33b25629e858999d9065c492b905f96;hb=079dcd01794187d2857e1233f6c9930310812593;hp=9b2ecc267f38869800e5b9eb436bfde2a60ba554;hpb=6dfdb323612184529b4b83c1be914dda8262de47;p=tinc diff --git a/src/meta.c b/src/meta.c index 9b2ecc26..3bf28093 100644 --- a/src/meta.c +++ b/src/meta.c @@ -1,6 +1,6 @@ /* meta.c -- handle the meta communication - Copyright (C) 2000-2009 Guus Sliepen , + Copyright (C) 2000-2012 Guus Sliepen , 2000-2005 Ivo Timmermans 2006 Scott Lamb @@ -21,7 +21,6 @@ #include "system.h" -#include "splay_tree.h" #include "cipher.h" #include "connection.h" #include "logger.h" @@ -40,7 +39,7 @@ bool send_meta_sptps(void *handle, uint8_t type, const char *buffer, size_t leng } buffer_add(&c->outbuf, buffer, length); - event_add(&c->outevent, NULL); + io_set(&c->io, IO_READ | IO_WRITE); return true; } @@ -66,26 +65,19 @@ bool send_meta(connection_t *c, const char *buffer, int length) { c->name, c->hostname); return false; } - } else { buffer_add(&c->outbuf, buffer, length); } - event_add(&c->outevent, NULL); + io_set(&c->io, IO_READ | IO_WRITE); return true; } void broadcast_meta(connection_t *from, const char *buffer, int length) { - splay_node_t *node; - connection_t *c; - - for(node = connection_tree->head; node; node = node->next) { - c = node->data; - + for list_each(connection_t, c, connection_list) if(c != from && c->status.active) send_meta(c, buffer, length); - } } bool receive_meta_sptps(void *handle, uint8_t type, const char *data, uint16_t length) { @@ -116,6 +108,11 @@ bool receive_meta_sptps(void *handle, uint8_t type, const char *data, uint16_t l return true; } + /* Change newline to null byte, just like non-SPTPS requests */ + + if(data[length - 1] == '\n') + ((char *)data)[length - 1] = 0; + /* Otherwise we are waiting for a request */ return receive_request(c, data); @@ -188,21 +185,50 @@ bool receive_meta(connection_t *c) { if(c->tcplen) { char *tcpbuffer = buffer_read(&c->inbuf, c->tcplen); - if(tcpbuffer) { - if(proxytype == PROXY_SOCKS4 && c->allow_request == ID) { + if(!tcpbuffer) + break; + + if(!c->node) { + if(c->outgoing && proxytype == PROXY_SOCKS4 && c->allow_request == ID) { if(tcpbuffer[0] == 0 && tcpbuffer[1] == 0x5a) { logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request granted"); } else { logger(DEBUG_CONNECTIONS, LOG_ERR, "Proxy request rejected"); return false; } - } else - receive_tcppacket(c, tcpbuffer, c->tcplen); - c->tcplen = 0; - continue; + } else if(c->outgoing && proxytype == PROXY_SOCKS5 && c->allow_request == ID) { + if(tcpbuffer[0] != 5) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Invalid response from proxy server"); + return false; + } + if(tcpbuffer[1] == 0xff) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Proxy request rejected: unsuitable authentication method"); + return false; + } + if(tcpbuffer[2] != 5) { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Invalid response from proxy server"); + return false; + } + if(tcpbuffer[3] == 0) { + logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request granted"); + } else { + logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request rejected"); + return false; + } + } else { + logger(DEBUG_CONNECTIONS, LOG_ERR, "c->tcplen set but c->node is NULL!"); + abort(); + } } else { - break; + if(c->allow_request == ALL) { + receive_tcppacket(c, tcpbuffer, c->tcplen); + } else { + logger(DEBUG_CONNECTIONS, LOG_ERR, "Got unauthorized TCP packet from %s (%s)", c->name, c->hostname); + return false; + } } + + c->tcplen = 0; } /* Otherwise we are waiting for a request */