X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=7c9f23a958d3c293cb40a67e27bd7d4b41286a3f;hb=f0e7e6b03e34e69cac5b01a2d943ad3b9b59d36c;hp=98e6ece24397fa823daa4e33d8f2cf33b2b4ac52;hpb=be1446f5d0e8831b60ea473a5b7b9ba40f18986e;p=tinc

diff --git a/src/net_setup.c b/src/net_setup.c
index 98e6ece2..7c9f23a9 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2013 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2014 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -52,7 +52,7 @@ char *proxyport;
 char *proxyuser;
 char *proxypass;
 proxytype_t proxytype;
-int autoconnect;
+bool autoconnect;
 bool disablebuggypeers;
 
 char *scriptinterpreter;
@@ -71,17 +71,17 @@ bool node_read_ecdsa_public_key(node_t *n) {
 	if(!read_host_config(config_tree, n->name))
 		goto exit;
 
-	/* First, check for simple ECDSAPublicKey statement */
+	/* First, check for simple Ed25519PublicKey statement */
 
-	if(get_config_string(lookup_config(config_tree, "ECDSAPublicKey"), &p)) {
+	if(get_config_string(lookup_config(config_tree, "Ed25519PublicKey"), &p)) {
 		n->ecdsa = ecdsa_set_base64_public_key(p);
 		free(p);
 		goto exit;
 	}
 
-	/* Else, check for ECDSAPublicKeyFile statement and read it */
+	/* Else, check for Ed25519PublicKeyFile statement and read it */
 
-	if(!get_config_string(lookup_config(config_tree, "ECDSAPublicKeyFile"), &pubname))
+	if(!get_config_string(lookup_config(config_tree, "Ed25519PublicKeyFile"), &pubname))
 		xasprintf(&pubname, "%s" SLASH "hosts" SLASH "%s", confbase, n->name);
 
 	fp = fopen(pubname, "r");
@@ -112,23 +112,23 @@ bool read_ecdsa_public_key(connection_t *c) {
 			return false;
 	}
 
-	/* First, check for simple ECDSAPublicKey statement */
+	/* First, check for simple Ed25519PublicKey statement */
 
-	if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) {
+	if(get_config_string(lookup_config(c->config_tree, "Ed25519PublicKey"), &p)) {
 		c->ecdsa = ecdsa_set_base64_public_key(p);
 		free(p);
 		return c->ecdsa;
 	}
 
-	/* Else, check for ECDSAPublicKeyFile statement and read it */
+	/* Else, check for Ed25519PublicKeyFile statement and read it */
 
-	if(!get_config_string(lookup_config(c->config_tree, "ECDSAPublicKeyFile"), &fname))
+	if(!get_config_string(lookup_config(c->config_tree, "Ed25519PublicKeyFile"), &fname))
 		xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
 
 	fp = fopen(fname, "r");
 
 	if(!fp) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s",
+		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading Ed25519 public key file `%s': %s",
 			   fname, strerror(errno));
 		free(fname);
 		return false;
@@ -138,7 +138,7 @@ bool read_ecdsa_public_key(connection_t *c) {
 	fclose(fp);
 
 	if(!c->ecdsa)
-		logger(DEBUG_ALWAYS, LOG_ERR, "Parsing ECDSA public key file `%s' failed.", fname);
+		logger(DEBUG_ALWAYS, LOG_ERR, "Parsing Ed25519 public key file `%s' failed.", fname);
 	free(fname);
 	return c->ecdsa;
 }
@@ -187,15 +187,15 @@ static bool read_ecdsa_private_key(void) {
 
 	/* Check for PrivateKeyFile statement and read it */
 
-	if(!get_config_string(lookup_config(config_tree, "ECDSAPrivateKeyFile"), &fname))
-		xasprintf(&fname, "%s" SLASH "ecdsa_key.priv", confbase);
+	if(!get_config_string(lookup_config(config_tree, "Ed25519PrivateKeyFile"), &fname))
+		xasprintf(&fname, "%s" SLASH "ed25519_key.priv", confbase);
 
 	fp = fopen(fname, "r");
 
 	if(!fp) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA private key file `%s': %s", fname, strerror(errno));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Error reading Ed25519 private key file `%s': %s", fname, strerror(errno));
 		if(errno == ENOENT)
-			logger(DEBUG_ALWAYS, LOG_INFO, "Create an ECDSA keypair with `tinc -n %s generate-ecdsa-keys'.", netname ?: ".");
+			logger(DEBUG_ALWAYS, LOG_INFO, "Create an Ed25519 keypair with `tinc -n %s generate-ed25519-keys'.", netname ?: ".");
 		free(fname);
 		return false;
 	}
@@ -204,20 +204,20 @@ static bool read_ecdsa_private_key(void) {
 	struct stat s;
 
 	if(fstat(fileno(fp), &s)) {
-		logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat ECDSA private key file `%s': %s'", fname, strerror(errno));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat Ed25519 private key file `%s': %s'", fname, strerror(errno));
 		free(fname);
 		return false;
 	}
 
 	if(s.st_mode & ~0100700)
-		logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for ECDSA private key file `%s'!", fname);
+		logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for Ed25519 private key file `%s'!", fname);
 #endif
 
 	myself->connection->ecdsa = ecdsa_read_pem_private_key(fp);
 	fclose(fp);
 
 	if(!myself->connection->ecdsa)
-		logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno));
+		logger(DEBUG_ALWAYS, LOG_ERR, "Reading Ed25519 private key file `%s' failed", fname);
 	free(fname);
 	return myself->connection->ecdsa;
 }
@@ -231,7 +231,7 @@ static bool read_invitation_key(void) {
 		invitation_key = NULL;
 	}
 
-	xasprintf(&fname, "%s" SLASH "invitations" SLASH "ecdsa_key.priv", confbase);
+	xasprintf(&fname, "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase);
 
 	fp = fopen(fname, "r");
 
@@ -239,7 +239,7 @@ static bool read_invitation_key(void) {
 		invitation_key = ecdsa_read_pem_private_key(fp);
 		fclose(fp);
 		if(!invitation_key)
-			logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno));
+			logger(DEBUG_ALWAYS, LOG_ERR, "Reading Ed25519 private key file `%s' failed", fname);
 	}
 
 	free(fname);
@@ -630,9 +630,15 @@ bool setup_myself_reloadable(void) {
 	if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
 		keylifetime = 3600;
 
-	get_config_int(lookup_config(config_tree, "AutoConnect"), &autoconnect);
-	if(autoconnect < 0)
-		autoconnect = 0;
+	config_t *cfg = lookup_config(config_tree, "AutoConnect");
+	if(cfg) {
+		if(!get_config_bool(cfg, &autoconnect)) {
+			// Some backwards compatibility with when this option was an int
+			int val = 0;
+			get_config_int(cfg, &val);
+			autoconnect = val;
+		}
+	}
 
 	get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers);
 
@@ -641,6 +647,85 @@ bool setup_myself_reloadable(void) {
 	return true;
 }
 
+/*
+  Add listening sockets.
+*/
+static bool add_listen_address(char *address, bool bindto) {
+	char *port = myport;
+
+	if(address) {
+		char *space = strchr(address, ' ');
+		if(space) {
+			*space++ = 0;
+			port = space;
+		}
+
+		if(!strcmp(address, "*"))
+			*address = 0;
+	}
+
+	struct addrinfo *ai, hint = {0};
+	hint.ai_family = addressfamily;
+	hint.ai_socktype = SOCK_STREAM;
+	hint.ai_protocol = IPPROTO_TCP;
+	hint.ai_flags = AI_PASSIVE;
+
+	int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
+	free(address);
+
+	if(err || !ai) {
+		logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", err == EAI_SYSTEM ? strerror(err) : gai_strerror(err));
+		return false;
+	}
+
+	for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) {
+		// Ignore duplicate addresses
+		bool found = false;
+
+		for(int i = 0; i < listen_sockets; i++)
+			if(!memcmp(&listen_socket[i].sa, aip->ai_addr, aip->ai_addrlen)) {
+				found = true;
+				break;
+			}
+
+		if(found)
+			continue;
+
+		if(listen_sockets >= MAXSOCKETS) {
+			logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
+			return false;
+		}
+
+		int tcp_fd = setup_listen_socket((sockaddr_t *) aip->ai_addr);
+
+		if(tcp_fd < 0)
+			continue;
+
+		int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
+
+		if(tcp_fd < 0) {
+			close(tcp_fd);
+			continue;
+		}
+
+		io_add(&listen_socket[listen_sockets].tcp, handle_new_meta_connection, &listen_socket[listen_sockets], tcp_fd, IO_READ);
+		io_add(&listen_socket[listen_sockets].udp, handle_incoming_vpn_data, &listen_socket[listen_sockets], udp_fd, IO_READ);
+
+		if(debug_level >= DEBUG_CONNECTIONS) {
+			char *hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
+			logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
+			free(hostname);
+		}
+
+		listen_socket[listen_sockets].bindto = bindto;
+		memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
+		listen_sockets++;
+	}
+
+	freeaddrinfo(ai);
+	return true;
+}
+
 /*
   Configure node_t myself and set up the local sockets (listen only)
 */
@@ -673,7 +758,8 @@ static bool setup_myself(void) {
 
 	if(!get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental)) {
 		experimental = read_ecdsa_private_key();
-		logger(DEBUG_ALWAYS, LOG_WARNING, "Support for SPTPS disabled.");
+		if(!experimental)
+			logger(DEBUG_ALWAYS, LOG_WARNING, "Support for SPTPS disabled.");
 	} else {
 		if(experimental && !read_ecdsa_private_key())
 			return false;
@@ -882,73 +968,25 @@ static bool setup_myself(void) {
 		}
 	} else {
 		listen_sockets = 0;
-		config_t *cfg = lookup_config(config_tree, "BindToAddress");
+		int cfgs = 0;
 
-		do {
+		for(config_t *cfg = lookup_config(config_tree, "BindToAddress"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
+			cfgs++;
 			get_config_string(cfg, &address);
-			if(cfg)
-				cfg = lookup_config_next(config_tree, cfg);
-
-			char *port = myport;
-
-			if(address) {
-				char *space = strchr(address, ' ');
-				if(space) {
-					*space++ = 0;
-					port = space;
-				}
-
-				if(!strcmp(address, "*"))
-					*address = 0;
-			}
-
-			struct addrinfo *ai, hint = {0};
-			hint.ai_family = addressfamily;
-			hint.ai_socktype = SOCK_STREAM;
-			hint.ai_protocol = IPPROTO_TCP;
-			hint.ai_flags = AI_PASSIVE;
-
-			int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
-			free(address);
-
-			if(err || !ai) {
-				logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo", err == EAI_SYSTEM ? strerror(err) : gai_strerror(err));
+			if(!add_listen_address(address, true))
 				return false;
-			}
-
-			for(struct addrinfo *aip = ai; aip; aip = aip->ai_next) {
-				if(listen_sockets >= MAXSOCKETS) {
-					logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
-					return false;
-				}
-
-				int tcp_fd = setup_listen_socket((sockaddr_t *) aip->ai_addr);
-
-				if(tcp_fd < 0)
-					continue;
-
-				int udp_fd = setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
-
-				if(tcp_fd < 0) {
-					close(tcp_fd);
-					continue;
-				}
-
-				io_add(&listen_socket[listen_sockets].tcp, handle_new_meta_connection, &listen_socket[listen_sockets], tcp_fd, IO_READ);
-				io_add(&listen_socket[listen_sockets].udp, handle_incoming_vpn_data, &listen_socket[listen_sockets], udp_fd, IO_READ);
-
-				if(debug_level >= DEBUG_CONNECTIONS) {
-					hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
-					logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
-					free(hostname);
-				}
+		}
 
-				memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
-				listen_sockets++;
-			}
+		for(config_t *cfg = lookup_config(config_tree, "ListenAddress"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
+			cfgs++;
+			get_config_string(cfg, &address);
+			if(!add_listen_address(address, false))
+				return false;
+		}
 
-			freeaddrinfo(ai);
-		} while(cfg);
+		if(!cfgs)
+			if(!add_listen_address(address, NULL))
+				return false;
 	}
 
 	if(!listen_sockets) {
@@ -1044,7 +1082,8 @@ void close_network_connections(void) {
 		terminate_connection(c, false);
 	}
 
-	list_delete_list(outgoing_list);
+	if(outgoing_list)
+		list_delete_list(outgoing_list);
 
 	if(myself && myself->connection) {
 		subnet_update(myself, NULL, false);