3 Copyright (C) 1998-2005 Ivo Timmermans,
4 2000-2012 Guus Sliepen <guus@tinc-vpn.org>
5 2006 Scott Lamb <slamb@slamb.org>
6 2010 Brandon Black <blblack@gmail.com>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "splay_tree.h"
28 #include "connection.h"
46 static struct event device_ev;
53 proxytype_t proxytype;
55 char *scriptinterpreter;
56 char *scriptextension;
58 bool node_read_ecdsa_public_key(node_t *n) {
59 if(ecdsa_active(&n->ecdsa))
62 splay_tree_t *config_tree;
64 char *pubname = NULL, *hcfname = NULL;
68 xasprintf(&hcfname, "%s" SLASH "hosts" SLASH "%s", confbase, n->name);
70 init_configuration(&config_tree);
71 if(!read_config_file(config_tree, hcfname))
74 /* First, check for simple ECDSAPublicKey statement */
76 if(get_config_string(lookup_config(config_tree, "ECDSAPublicKey"), &p)) {
77 result = ecdsa_set_base64_public_key(&n->ecdsa, p);
82 /* Else, check for ECDSAPublicKeyFile statement and read it */
84 if(!get_config_string(lookup_config(config_tree, "ECDSAPublicKeyFile"), &pubname))
85 xasprintf(&pubname, "%s" SLASH "hosts" SLASH "%s", confbase, n->name);
87 fp = fopen(pubname, "r");
90 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s", pubname, strerror(errno));
94 result = ecdsa_read_pem_public_key(&n->ecdsa, fp);
98 exit_configuration(&config_tree);
104 bool read_ecdsa_public_key(connection_t *c) {
110 /* First, check for simple ECDSAPublicKey statement */
112 if(get_config_string(lookup_config(c->config_tree, "ECDSAPublicKey"), &p)) {
113 result = ecdsa_set_base64_public_key(&c->ecdsa, p);
118 /* Else, check for ECDSAPublicKeyFile statement and read it */
120 if(!get_config_string(lookup_config(c->config_tree, "ECDSAPublicKeyFile"), &fname))
121 xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
123 fp = fopen(fname, "r");
126 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA public key file `%s': %s",
127 fname, strerror(errno));
132 result = ecdsa_read_pem_public_key(&c->ecdsa, fp);
136 logger(DEBUG_ALWAYS, LOG_ERR, "Parsing ECDSA public key file `%s' failed.", fname);
141 bool read_rsa_public_key(connection_t *c) {
147 /* First, check for simple PublicKey statement */
149 if(get_config_string(lookup_config(c->config_tree, "PublicKey"), &n)) {
150 result = rsa_set_hex_public_key(&c->rsa, n, "FFFF");
155 /* Else, check for PublicKeyFile statement and read it */
157 if(!get_config_string(lookup_config(c->config_tree, "PublicKeyFile"), &fname))
158 xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
160 fp = fopen(fname, "r");
163 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
168 result = rsa_read_pem_public_key(&c->rsa, fp);
172 logger(DEBUG_ALWAYS, LOG_ERR, "Reading RSA public key file `%s' failed: %s", fname, strerror(errno));
177 static bool read_ecdsa_private_key(void) {
182 /* Check for PrivateKeyFile statement and read it */
184 if(!get_config_string(lookup_config(config_tree, "ECDSAPrivateKeyFile"), &fname))
185 xasprintf(&fname, "%s" SLASH "ecdsa_key.priv", confbase);
187 fp = fopen(fname, "r");
190 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading ECDSA private key file `%s': %s", fname, strerror(errno));
195 #if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
198 if(fstat(fileno(fp), &s)) {
199 logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat ECDSA private key file `%s': %s'", fname, strerror(errno));
204 if(s.st_mode & ~0100700)
205 logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for ECDSA private key file `%s'!", fname);
208 result = ecdsa_read_pem_private_key(&myself->connection->ecdsa, fp);
212 logger(DEBUG_ALWAYS, LOG_ERR, "Reading ECDSA private key file `%s' failed: %s", fname, strerror(errno));
217 static bool read_rsa_private_key(void) {
223 /* First, check for simple PrivateKey statement */
225 if(get_config_string(lookup_config(config_tree, "PrivateKey"), &d)) {
226 if(!get_config_string(lookup_config(config_tree, "PublicKey"), &n)) {
227 logger(DEBUG_ALWAYS, LOG_ERR, "PrivateKey used but no PublicKey found!");
231 result = rsa_set_hex_private_key(&myself->connection->rsa, n, "FFFF", d);
237 /* Else, check for PrivateKeyFile statement and read it */
239 if(!get_config_string(lookup_config(config_tree, "PrivateKeyFile"), &fname))
240 xasprintf(&fname, "%s" SLASH "rsa_key.priv", confbase);
242 fp = fopen(fname, "r");
245 logger(DEBUG_ALWAYS, LOG_ERR, "Error reading RSA private key file `%s': %s",
246 fname, strerror(errno));
251 #if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
254 if(fstat(fileno(fp), &s)) {
255 logger(DEBUG_ALWAYS, LOG_ERR, "Could not stat RSA private key file `%s': %s'", fname, strerror(errno));
260 if(s.st_mode & ~0100700)
261 logger(DEBUG_ALWAYS, LOG_WARNING, "Warning: insecure file permissions for RSA private key file `%s'!", fname);
264 result = rsa_read_pem_private_key(&myself->connection->rsa, fp);
268 logger(DEBUG_ALWAYS, LOG_ERR, "Reading RSA private key file `%s' failed: %s", fname, strerror(errno));
273 static struct event keyexpire_event;
275 static void keyexpire_handler(int fd, short events, void *data) {
279 void regenerate_key(void) {
280 if(timeout_initialized(&keyexpire_event)) {
281 logger(DEBUG_STATUS, LOG_INFO, "Expiring symmetric keys");
282 event_del(&keyexpire_event);
285 timeout_set(&keyexpire_event, keyexpire_handler, NULL);
288 event_add(&keyexpire_event, &(struct timeval){keylifetime, 0});
292 Read Subnets from all host config files
294 void load_all_subnets(void) {
299 splay_tree_t *config_tree;
304 xasprintf(&dname, "%s" SLASH "hosts", confbase);
305 dir = opendir(dname);
307 logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
312 while((ent = readdir(dir))) {
313 if(!check_id(ent->d_name))
316 n = lookup_node(ent->d_name);
317 #ifdef _DIRENT_HAVE_D_TYPE
318 //if(ent->d_type != DT_REG)
322 xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
323 init_configuration(&config_tree);
324 read_config_options(config_tree, ent->d_name);
325 read_config_file(config_tree, fname);
330 n->name = xstrdup(ent->d_name);
334 for(cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
335 if(!get_config_subnet(cfg, &s))
338 if((s2 = lookup_subnet(n, s))) {
345 exit_configuration(&config_tree);
351 char *get_name(void) {
354 get_config_string(lookup_config(config_tree, "Name"), &name);
360 char *envname = getenv(name + 1);
362 if(strcmp(name + 1, "HOST")) {
363 fprintf(stderr, "Invalid Name: environment variable %s does not exist\n", name + 1);
366 envname = alloca(32);
367 if(gethostname(envname, 32)) {
368 fprintf(stderr, "Could not get hostname: %s\n", strerror(errno));
374 name = xstrdup(envname);
375 for(char *c = name; *c; c++)
380 if(!check_id(name)) {
381 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid name for myself!");
389 bool setup_myself_reloadable(void) {
398 free(scriptinterpreter);
399 scriptinterpreter = NULL;
400 get_config_string(lookup_config(config_tree, "ScriptsInterpreter"), &scriptinterpreter);
403 free(scriptextension);
404 if(!get_config_string(lookup_config(config_tree, "ScriptsExtension"), &scriptextension))
406 scriptextension = xstrdup(".bat");
408 scriptextension = xstrdup("");
411 get_config_string(lookup_config(config_tree, "Proxy"), &proxy);
413 if((space = strchr(proxy, ' ')))
416 if(!strcasecmp(proxy, "none")) {
417 proxytype = PROXY_NONE;
418 } else if(!strcasecmp(proxy, "socks4")) {
419 proxytype = PROXY_SOCKS4;
420 } else if(!strcasecmp(proxy, "socks4a")) {
421 proxytype = PROXY_SOCKS4A;
422 } else if(!strcasecmp(proxy, "socks5")) {
423 proxytype = PROXY_SOCKS5;
424 } else if(!strcasecmp(proxy, "http")) {
425 proxytype = PROXY_HTTP;
426 } else if(!strcasecmp(proxy, "exec")) {
427 proxytype = PROXY_EXEC;
429 logger(DEBUG_ALWAYS, LOG_ERR, "Unknown proxy type %s!", proxy);
439 if(!space || !*space) {
440 logger(DEBUG_ALWAYS, LOG_ERR, "Argument expected for proxy type exec!");
443 proxyhost = xstrdup(space);
451 if(space && (space = strchr(space, ' ')))
452 *space++ = 0, proxyport = space;
453 if(space && (space = strchr(space, ' ')))
454 *space++ = 0, proxyuser = space;
455 if(space && (space = strchr(space, ' ')))
456 *space++ = 0, proxypass = space;
457 if(!proxyhost || !*proxyhost || !proxyport || !*proxyport) {
458 logger(DEBUG_ALWAYS, LOG_ERR, "Host and port argument expected for proxy!");
461 proxyhost = xstrdup(proxyhost);
462 proxyport = xstrdup(proxyport);
463 if(proxyuser && *proxyuser)
464 proxyuser = xstrdup(proxyuser);
465 if(proxypass && *proxypass)
466 proxypass = xstrdup(proxypass);
473 if(get_config_bool(lookup_config(config_tree, "IndirectData"), &choice) && choice)
474 myself->options |= OPTION_INDIRECT;
476 if(get_config_bool(lookup_config(config_tree, "TCPOnly"), &choice) && choice)
477 myself->options |= OPTION_TCPONLY;
479 if(myself->options & OPTION_TCPONLY)
480 myself->options |= OPTION_INDIRECT;
482 get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
483 get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
485 if(get_config_string(lookup_config(config_tree, "Mode"), &rmode)) {
486 if(!strcasecmp(rmode, "router"))
487 routing_mode = RMODE_ROUTER;
488 else if(!strcasecmp(rmode, "switch"))
489 routing_mode = RMODE_SWITCH;
490 else if(!strcasecmp(rmode, "hub"))
491 routing_mode = RMODE_HUB;
493 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid routing mode!");
499 if(get_config_string(lookup_config(config_tree, "Forwarding"), &fmode)) {
500 if(!strcasecmp(fmode, "off"))
501 forwarding_mode = FMODE_OFF;
502 else if(!strcasecmp(fmode, "internal"))
503 forwarding_mode = FMODE_INTERNAL;
504 else if(!strcasecmp(fmode, "kernel"))
505 forwarding_mode = FMODE_KERNEL;
507 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid forwarding mode!");
514 get_config_bool(lookup_config(config_tree, "PMTUDiscovery"), &choice);
516 myself->options |= OPTION_PMTU_DISCOVERY;
519 get_config_bool(lookup_config(config_tree, "ClampMSS"), &choice);
521 myself->options |= OPTION_CLAMP_MSS;
523 get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
524 get_config_bool(lookup_config(config_tree, "DecrementTTL"), &decrement_ttl);
525 if(get_config_string(lookup_config(config_tree, "Broadcast"), &bmode)) {
526 if(!strcasecmp(bmode, "no"))
527 broadcast_mode = BMODE_NONE;
528 else if(!strcasecmp(bmode, "yes") || !strcasecmp(bmode, "mst"))
529 broadcast_mode = BMODE_MST;
530 else if(!strcasecmp(bmode, "direct"))
531 broadcast_mode = BMODE_DIRECT;
533 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid broadcast mode!");
539 #if !defined(SOL_IP) || !defined(IP_TOS)
540 if(priorityinheritance)
541 logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform", "PriorityInheritance");
544 if(!get_config_int(lookup_config(config_tree, "MACExpire"), &macexpire))
547 if(get_config_int(lookup_config(config_tree, "MaxTimeout"), &maxtimeout)) {
548 if(maxtimeout <= 0) {
549 logger(DEBUG_ALWAYS, LOG_ERR, "Bogus maximum timeout!");
555 if(get_config_string(lookup_config(config_tree, "AddressFamily"), &afname)) {
556 if(!strcasecmp(afname, "IPv4"))
557 addressfamily = AF_INET;
558 else if(!strcasecmp(afname, "IPv6"))
559 addressfamily = AF_INET6;
560 else if(!strcasecmp(afname, "any"))
561 addressfamily = AF_UNSPEC;
563 logger(DEBUG_ALWAYS, LOG_ERR, "Invalid address family!");
569 get_config_bool(lookup_config(config_tree, "Hostnames"), &hostnames);
571 if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
578 Configure node_t myself and set up the local sockets (listen only)
580 static bool setup_myself(void) {
583 char *name, *hostname, *cipher, *digest, *type;
585 char *address = NULL;
587 struct addrinfo *ai, *aip, hint = {0};
591 if(!(name = get_name())) {
592 logger(DEBUG_ALWAYS, LOG_ERR, "Name for tinc daemon required!");
597 myself->connection = new_connection();
599 myself->connection->name = xstrdup(name);
600 xasprintf(&fname, "%s" SLASH "hosts" SLASH "%s", confbase, name);
601 read_config_options(config_tree, name);
602 read_config_file(config_tree, fname);
605 if(!get_config_string(lookup_config(config_tree, "Port"), &myport))
606 myport = xstrdup("655");
608 xasprintf(&myself->hostname, "MYSELF port %s", myport);
609 myself->connection->hostname = xstrdup(myself->hostname);
611 myself->connection->options = 0;
612 myself->connection->protocol_major = PROT_MAJOR;
613 myself->connection->protocol_minor = PROT_MINOR;
615 myself->options |= PROT_MINOR << 24;
617 get_config_bool(lookup_config(config_tree, "ExperimentalProtocol"), &experimental);
619 if(experimental && !read_ecdsa_private_key())
622 if(!read_rsa_private_key())
626 struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM);
628 if(!ai || !ai->ai_addr)
631 memcpy(&sa, ai->ai_addr, ai->ai_addrlen);
632 sockaddr2str(&sa, NULL, &myport);
635 /* Read in all the subnets specified in the host configuration file */
637 cfg = lookup_config(config_tree, "Subnet");
640 if(!get_config_subnet(cfg, &subnet))
643 subnet_add(myself, subnet);
645 cfg = lookup_config_next(config_tree, cfg);
648 /* Check some options */
650 if(!setup_myself_reloadable())
653 get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
654 get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
655 strictsubnets |= tunnelserver;
659 if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
660 if(udp_rcvbuf <= 0) {
661 logger(DEBUG_ALWAYS, LOG_ERR, "UDPRcvBuf cannot be negative!");
666 if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) {
667 if(udp_sndbuf <= 0) {
668 logger(DEBUG_ALWAYS, LOG_ERR, "UDPSndBuf cannot be negative!");
673 if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) {
674 if(replaywin_int < 0) {
675 logger(DEBUG_ALWAYS, LOG_ERR, "ReplayWindow cannot be negative!");
678 replaywin = (unsigned)replaywin_int;
681 /* Generate packet encryption key */
683 if(!get_config_string(lookup_config(config_tree, "Cipher"), &cipher))
684 cipher = xstrdup("blowfish");
686 if(!cipher_open_by_name(&myself->incipher, cipher)) {
687 logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized cipher type!");
693 /* Check if we want to use message authentication codes... */
696 get_config_int(lookup_config(config_tree, "MACLength"), &maclength);
699 logger(DEBUG_ALWAYS, LOG_ERR, "Bogus MAC length!");
703 if(!get_config_string(lookup_config(config_tree, "Digest"), &digest))
704 digest = xstrdup("sha1");
706 if(!digest_open_by_name(&myself->indigest, digest, maclength)) {
707 logger(DEBUG_ALWAYS, LOG_ERR, "Unrecognized digest type!");
713 if(get_config_int(lookup_config(config_tree, "Compression"), &myself->incompression)) {
714 if(myself->incompression < 0 || myself->incompression > 11) {
715 logger(DEBUG_ALWAYS, LOG_ERR, "Bogus compression level!");
719 myself->incompression = 0;
721 myself->connection->outcompression = 0;
725 myself->nexthop = myself;
726 myself->via = myself;
727 myself->status.reachable = true;
728 myself->last_state_change = time(NULL);
729 myself->status.sptps = experimental;
741 if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
742 if(!strcasecmp(type, "dummy"))
743 devops = dummy_devops;
744 else if(!strcasecmp(type, "raw_socket"))
745 devops = raw_socket_devops;
746 else if(!strcasecmp(type, "multicast"))
747 devops = multicast_devops;
749 else if(!strcasecmp(type, "uml"))
753 else if(!strcasecmp(type, "vde"))
762 event_set(&device_ev, device_fd, EV_READ|EV_PERSIST, handle_device_data, NULL);
764 if (event_add(&device_ev, NULL) < 0) {
765 logger(DEBUG_ALWAYS, LOG_ERR, "event_add failed: %s", strerror(errno));
771 /* Run tinc-up script to further initialize the tap interface */
772 xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
773 xasprintf(&envp[1], "DEVICE=%s", device ? : "");
774 xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
775 xasprintf(&envp[3], "NAME=%s", myself->name);
778 execute_script("tinc-up", envp);
780 for(i = 0; i < 4; i++)
783 /* Run subnet-up scripts for our own subnets */
785 subnet_update(myself, NULL, true);
789 if(!do_detach && getenv("LISTEN_FDS")) {
793 listen_sockets = atoi(getenv("LISTEN_FDS"));
795 unsetenv("LISTEN_FDS");
798 if(listen_sockets > MAXSOCKETS) {
799 logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
803 for(i = 0; i < listen_sockets; i++) {
805 if(getsockname(i + 3, &sa.sa, &salen) < 0) {
806 logger(DEBUG_ALWAYS, LOG_ERR, "Could not get address of listen fd %d: %s", i + 3, sockstrerror(errno));
810 listen_socket[i].tcp = i + 3;
813 fcntl(i + 3, F_SETFD, FD_CLOEXEC);
816 listen_socket[i].udp = setup_vpn_in_socket(&sa);
817 if(listen_socket[i].udp < 0)
820 event_set(&listen_socket[i].ev_tcp, listen_socket[i].tcp, EV_READ|EV_PERSIST, handle_new_meta_connection, NULL);
821 if(event_add(&listen_socket[i].ev_tcp, NULL) < 0) {
822 logger(DEBUG_ALWAYS, LOG_ERR, "event_add failed: %s", strerror(errno));
826 event_set(&listen_socket[i].ev_udp, listen_socket[i].udp, EV_READ|EV_PERSIST, handle_incoming_vpn_data, (void *)(intptr_t)listen_sockets);
827 if(event_add(&listen_socket[listen_sockets].ev_udp, NULL) < 0) {
828 logger(DEBUG_ALWAYS, LOG_ERR, "event_add failed: %s", strerror(errno));
832 if(debug_level >= DEBUG_CONNECTIONS) {
833 hostname = sockaddr2hostname(&sa);
834 logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
838 memcpy(&listen_socket[i].sa, &sa, salen);
842 cfg = lookup_config(config_tree, "BindToAddress");
845 get_config_string(cfg, &address);
847 cfg = lookup_config_next(config_tree, cfg);
852 char *space = strchr(address, ' ');
858 if(!strcmp(address, "*"))
862 hint.ai_family = addressfamily;
863 hint.ai_socktype = SOCK_STREAM;
864 hint.ai_protocol = IPPROTO_TCP;
865 hint.ai_flags = AI_PASSIVE;
867 err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
871 logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
876 for(aip = ai; aip; aip = aip->ai_next) {
877 if(listen_sockets >= MAXSOCKETS) {
878 logger(DEBUG_ALWAYS, LOG_ERR, "Too many listening sockets");
882 listen_socket[listen_sockets].tcp =
883 setup_listen_socket((sockaddr_t *) aip->ai_addr);
885 if(listen_socket[listen_sockets].tcp < 0)
888 listen_socket[listen_sockets].udp =
889 setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
891 if(listen_socket[listen_sockets].udp < 0) {
892 close(listen_socket[listen_sockets].tcp);
896 event_set(&listen_socket[listen_sockets].ev_tcp,
897 listen_socket[listen_sockets].tcp,
899 handle_new_meta_connection, NULL);
900 if(event_add(&listen_socket[listen_sockets].ev_tcp, NULL) < 0) {
901 logger(DEBUG_ALWAYS, LOG_ERR, "event_add failed: %s", strerror(errno));
905 event_set(&listen_socket[listen_sockets].ev_udp,
906 listen_socket[listen_sockets].udp,
908 handle_incoming_vpn_data, (void *)(intptr_t)listen_sockets);
909 if(event_add(&listen_socket[listen_sockets].ev_udp, NULL) < 0) {
910 logger(DEBUG_ALWAYS, LOG_ERR, "event_add failed: %s", strerror(errno));
914 if(debug_level >= DEBUG_CONNECTIONS) {
915 hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
916 logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Listening on %s", hostname);
920 memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
929 logger(DEBUG_ALWAYS, LOG_NOTICE, "Ready");
931 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to create any listening socket!");
935 last_config_check = time(NULL);
943 bool setup_network(void) {
950 if(get_config_int(lookup_config(config_tree, "PingInterval"), &pinginterval)) {
951 if(pinginterval < 1) {
952 pinginterval = 86400;
957 if(!get_config_int(lookup_config(config_tree, "PingTimeout"), &pingtimeout))
959 if(pingtimeout < 1 || pingtimeout > pinginterval)
960 pingtimeout = pinginterval;
962 if(!get_config_int(lookup_config(config_tree, "MaxOutputBufferSize"), &maxoutbufsize))
963 maxoutbufsize = 10 * MTU;
972 close all open network connections
974 void close_network_connections(void) {
975 splay_node_t *node, *next;
980 for(node = connection_tree->head; node; node = next) {
983 /* Keep control connections open until the end, so they know when we really terminated */
984 if(c->status.control)
987 terminate_connection(c, false);
990 list_delete_list(outgoing_list);
992 if(myself && myself->connection) {
993 subnet_update(myself, NULL, false);
994 terminate_connection(myself->connection, false);
995 free_connection(myself->connection);
998 for(i = 0; i < listen_sockets; i++) {
999 event_del(&listen_socket[i].ev_tcp);
1000 event_del(&listen_socket[i].ev_udp);
1001 close(listen_socket[i].tcp);
1002 close(listen_socket[i].udp);
1005 xasprintf(&envp[0], "NETNAME=%s", netname ? : "");
1006 xasprintf(&envp[1], "DEVICE=%s", device ? : "");
1007 xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
1008 xasprintf(&envp[3], "NAME=%s", myself->name);
1017 execute_script("tinc-down", envp);
1019 if(myport) free(myport);
1021 for(i = 0; i < 4; i++)
projects / tinc / blob