2 protocol.c -- handle the meta-protocol
3 Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: protocol.c,v 1.28.4.22 2000/08/08 08:48:50 guus Exp $
25 #include <sys/types.h>
30 #include <sys/socket.h>
37 #include <netinet/in.h>
/* Scratch buffer for outgoing request lines. Every send_* routine in this
   file formats into it with snprintf() and then write()s from it, so each
   call overwrites the previous contents. */
47 char buffer[MAXBUFSIZE+1];
50 /* Outgoing request routines */
/*
 * Send an ACK request line ("<ACK>\n") to cl over its meta socket.
 *
 * NOTE(review): the failure message below uses "%d:%d" although __FILE__ is
 * a string; every other sender in this file uses "%s:%d". Passing a char *
 * for %d is a format/argument mismatch and should be corrected.
 * NOTE(review): only write() < 0 is treated as failure, so a short write is
 * not detected here.
 */
52 int send_ack(conn_list_t *cl)
56 syslog(LOG_DEBUG, _("Sending ACK to %s (%s)"),
57 cl->vpn_hostname, cl->real_hostname);
59 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK);
61 if((write(cl->meta_socket, buffer, buflen)) < 0)
63 syslog(LOG_ERR, _("Send failed: %d:%d: %m"), __FILE__, __LINE__);
/*
 * Send a TERMREQ request to cl, carrying our own VPN address
 * (myself->vpn_ip) in hex. A write() error is logged with errno text (%m).
 * Only write() < 0 counts as failure; a short write is not detected.
 */
70 int send_termreq(conn_list_t *cl)
74 syslog(LOG_DEBUG, _("Sending TERMREQ to %s (%s)"),
75 cl->vpn_hostname, cl->real_hostname);
77 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip);
79 if(write(cl->meta_socket, buffer, buflen) < 0)
82 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send a PINGTIMEOUT request to cl, carrying our own VPN address
 * (myself->vpn_ip) in hex. A write() error is logged with errno text (%m).
 * Only write() < 0 counts as failure; a short write is not detected.
 */
89 int send_timeout(conn_list_t *cl)
93 syslog(LOG_DEBUG, _("Sending TIMEOUT to %s (%s)"),
94 cl->vpn_hostname, cl->real_hostname);
96 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip);
98 if((write(cl->meta_socket, buffer, buflen)) < 0)
100 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Tell cl that a host has left the VPN: sends DEL_HOST with
 * new_host->vpn_ip in hex. Despite its name, new_host is the host being
 * removed. The signature matches the callback type taken by notify_others().
 */
107 int send_del_host(conn_list_t *cl, conn_list_t *new_host)
111 syslog(LOG_DEBUG, _("Sending DEL_HOST for %s (%s) to %s (%s)"),
112 new_host->vpn_hostname, new_host->real_hostname, cl->vpn_hostname, cl->real_hostname);
114 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip);
116 if((write(cl->meta_socket, buffer, buflen)) < 0)
118 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
125 /* Evil hack - TCP tunneling is bad */
/*
 * Tunnel one data packet over the meta (TCP) connection: first a
 * "PACKET <len>" header line, then len raw bytes from data.
 *
 * Unlike the other senders, both write() calls are compared against the full
 * length, so a short write is reported as a failure as well.
 * NOTE(review): no bound on len is visible in this listing; the receiver
 * (tcppacket_h) rejects packets it considers too big, so callers should not
 * pass more than the receiver's packet structure can hold.
 */
126 int send_tcppacket(conn_list_t *cl, void *data, int len)
130 syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
131 cl->vpn_hostname, cl->real_hostname);
133 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
135 if((write(cl->meta_socket, buffer, buflen)) != buflen)
137 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
141 if((write(cl->meta_socket, data, len)) != len)
143 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send a PING request line ("<PING>\n") to cl over its meta socket.
 * A write() error is logged; a short write is not detected (only < 0 is
 * checked).
 */
151 int send_ping(conn_list_t *cl)
155 syslog(LOG_DEBUG, _("Sending PING to %s (%s)"),
156 cl->vpn_hostname, cl->real_hostname);
158 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING);
160 if((write(cl->meta_socket, buffer, buflen)) < 0)
162 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send a PONG request line ("<PONG>\n") to cl over its meta socket.
 * A write() error is logged; a short write is not detected (only < 0 is
 * checked).
 */
169 int send_pong(conn_list_t *cl)
173 syslog(LOG_DEBUG, _("Sending PONG to %s (%s)"),
174 cl->vpn_hostname, cl->real_hostname);
176 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG);
178 if((write(cl->meta_socket, buffer, buflen)) < 0)
180 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Announce new_host to cl with an ADD_HOST request carrying, in order:
 * real address, VPN address/mask, port (all hex) and flags (decimal).
 *
 * When new_host has EXPORTINDIRECTDATA set, the announcement is rewritten
 * before sending: that flag is cleared, INDIRECTDATA is set, and our own
 * VPN address and real hostname are substituted for new_host's real address
 * and hostname. new_host itself is not modified; only local copies are.
 *
 * Note that the value sent in the "real address" position is then
 * myself->vpn_ip, i.e. receivers are pointed at us rather than at new_host.
 */
187 int send_add_host(conn_list_t *cl, conn_list_t *new_host)
193 real_ip = new_host->real_ip;
194 hostname = new_host->real_hostname;
195 flags = new_host->flags;
197 /* If we need to propagate information about a new host that wants us to export
198 * its indirectdata flag, we set the INDIRECTDATA flag and unset the EXPORT...
199 * flag, and set its real_ip to our vpn_ip, so that net.c send_packet() will
203 if(flags & EXPORTINDIRECTDATA)
205 flags &= ~EXPORTINDIRECTDATA;
206 flags |= INDIRECTDATA;
207 real_ip = myself->vpn_ip;
208 hostname = myself->real_hostname;
212 syslog(LOG_DEBUG, _("Sending ADD_HOST for %s (%s) to %s (%s)"),
213 new_host->vpn_hostname, hostname, cl->vpn_hostname, cl->real_hostname);
215 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x %d\n", ADD_HOST, real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port, flags);
217 if((write(cl->meta_socket, buffer, buflen)) < 0)
219 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Tell cl that the key of host src has changed: sends KEY_CHANGED with
 * src->vpn_ip in hex. The signature matches the callback type taken by
 * notify_others(). Only write() < 0 counts as failure.
 */
226 int send_key_changed(conn_list_t *cl, conn_list_t *src)
230 syslog(LOG_DEBUG, _("Sending KEY_CHANGED origin %s to %s (%s)"),
231 src->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
233 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip);
235 if((write(cl->meta_socket, buffer, buflen)) < 0)
237 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Announce that our own key changed: walks conn_list and calls
 * send_key_changed(p, myself) for every entry that is both a meta
 * connection and active. The result of each send is ignored.
 */
244 void send_key_changed_all(void)
248 for(p = conn_list; p != NULL; p = p->next)
249 if(p->status.meta && p->status.active)
250 send_key_changed(p, myself);
/*
 * Send our BASIC_INFO line to cl: protocol version (PROT_CURRENT), our VPN
 * address/mask and port in hex, and our flags in decimal.
 *
 * These values are self-declared; the receiving side (basic_info_h) parses
 * the same field layout.
 */
254 int send_basic_info(conn_list_t *cl)
258 syslog(LOG_DEBUG, _("Sending BASIC_INFO to %s"),
261 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x %d\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port, myself->flags);
263 if((write(cl->meta_socket, buffer, buflen)) < 0)
265 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send our passphrase to cl: encrypt_passphrase() fills tmp, and tmp.phrase
 * is sent as the argument of a PASSPHRASE request. The debug log line names
 * the peer only; the phrase itself is not logged.
 *
 * NOTE(review): snprintf's return value is used as the write length without
 * a check. If tmp.phrase does not fit in MAXBUFSIZE, a C99 snprintf returns
 * the untruncated length (older glibc returned -1), so buflen would no
 * longer describe what is in buffer. Compare buflen with MAXBUFSIZE before
 * write().
 * NOTE(review): the formatted phrase stays in the file-scope buffer until
 * the next send overwrites it; no clearing is visible here.
 */
272 int send_passphrase(conn_list_t *cl)
276 encrypt_passphrase(&tmp);
279 syslog(LOG_DEBUG, _("Sending PASSPHRASE to %s (%s)"),
280 cl->vpn_hostname, cl->real_hostname);
282 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
284 if((write(cl->meta_socket, buffer, buflen)) < 0)
286 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Send our public key (my_public_key_base36, a text string) to cl as the
 * argument of a PUBLIC_KEY request.
 *
 * NOTE(review): snprintf's return value is used as the write length without
 * a check. If the key string does not fit in MAXBUFSIZE, a C99 snprintf
 * returns the untruncated length (older glibc returned -1); compare buflen
 * with MAXBUFSIZE before write() so a truncated key is never sent silently.
 */
293 int send_public_key(conn_list_t *cl)
297 syslog(LOG_DEBUG, _("Sending PUBLIC_KEY to %s (%s)"),
298 cl->vpn_hostname, cl->real_hostname);
300 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
302 if((write(cl->meta_socket, buffer, buflen)) < 0)
304 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
311 /* What does this function do? (GS)
312 int send_calculate(conn_list_t *cl, char *k)
315 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k);
317 if((write(cl->meta_socket, buffer, buflen)) < 0)
319 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Ask host `to` for its key. The connection entry for `to` is looked up and
 * a REQ_KEY line ("REQ_KEY <to> <our vpn_ip>", addresses in hex) is written
 * to the meta socket of that entry's nexthop, i.e. the request may travel
 * through an intermediate peer. Afterwards the entry is flagged
 * waitingforkey. An unknown destination is logged at LOG_ERR.
 *
 * NOTE(review): fw->nexthop is dereferenced without a visible NULL check;
 * confirm every entry returned by lookup_conn() has nexthop set.
 */
327 int send_key_request(ip_t to)
331 fw = lookup_conn(to);
334 syslog(LOG_ERR, _("Attempting to send REQ_KEY to %d.%d.%d.%d, which does not exist?"),
340 syslog(LOG_DEBUG, _("Sending REQ_KEY to %s (%s)"),
341 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
343 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip);
345 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
347 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
350 fw->status.waitingforkey = 1;
/*
 * Answer a key request from host `to`: sends
 * "ANS_KEY <to> <our vpn_ip> <my_key_expiry> <my_public_key_base36>" to the
 * nexthop of the connection entry found for `to`. In the lines visible here
 * the cl argument is not used; routing is by lookup_conn(to) only.
 *
 * NOTE(review): snprintf's return value is used as the write length without
 * a check. If the key string does not fit in MAXBUFSIZE, a C99 snprintf
 * returns the untruncated length (older glibc returned -1); compare buflen
 * with MAXBUFSIZE before write().
 * NOTE(review): fw->nexthop is dereferenced without a visible NULL check.
 */
355 int send_key_answer(conn_list_t *cl, ip_t to)
360 fw = lookup_conn(to);
364 syslog(LOG_ERR, _("Attempting to send ANS_KEY to %d.%d.%d.%d, which does not exist?"),
370 syslog(LOG_DEBUG, _("Sending ANS_KEY to %s (%s)"),
371 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
373 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36);
375 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
377 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
385 notify all my direct connections of a new host
386 that was added to the vpn, with the exception
387 of the source of the announcement.
/*
 * Walk conn_list and select every entry that is an active meta connection
 * and is neither `new` (the host the announcement is about) nor `source`
 * (the peer the announcement came from, so it is not echoed back; callers
 * pass NULL when there is none).
 * The statement executed for each selected entry is not present in this
 * listing -- presumably function(p, new); verify against the full file.
 */
389 int notify_others(conn_list_t *new, conn_list_t *source,
390 int (*function)(conn_list_t*, conn_list_t*))
394 for(p = conn_list; p != NULL; p = p->next)
395 if(p != new && p != source && p->status.meta && p->status.active)
402 notify one connection of everything
/*
 * Bring one peer up to date: for every active entry in conn_list other than
 * `new` itself, send an ADD_HOST describing that entry to `new`.
 * Unlike notify_others(), entries are not required to be meta connections,
 * and the result of each send_add_host() call is ignored.
 */
405 int notify_one(conn_list_t *new)
409 for(p = conn_list; p != NULL; p = p->next)
410 if(p != new && p->status.active)
411 send_add_host(new, p);
417 The incoming request handlers
/*
 * Handle an incoming BASIC_INFO request.
 *
 * The peer's protocol version, VPN address/mask, port and flags are parsed
 * straight into cl, and cl->vpn_hostname is derived from the declared VPN
 * address. A version other than PROT_CURRENT is logged as incompatible.
 * For outgoing connections, an existing entry with the same VPN address is
 * taken to mean we are creating a loop: the outgoing role is moved to the
 * existing entry and this connection is terminated. Otherwise
 * setup_vpn_connection() is called.
 *
 * Security note: there is no !cl->status.active guard here, since this is
 * part of the handshake, so every field stored is self-declared by a peer
 * that has not yet passed the passphrase check. Nothing derived from these
 * fields should be trusted until public_key_h has verified the peer.
 * NOTE(review): %hx and %d write through &cl->port and &cl->flags; the
 * member types are declared elsewhere -- confirm they are short and int.
 */
420 int basic_info_h(conn_list_t *cl)
425 syslog(LOG_DEBUG, _("Got BASIC_INFO from %s"), cl->real_hostname);
427 if(sscanf(cl->buffer, "%*d %d %lx/%lx:%hx %d", &cl->protocol_version, &cl->vpn_ip, &cl->vpn_mask, &cl->port, &cl->flags) != 5)
429 syslog(LOG_ERR, _("Got bad BASIC_INFO from %s"),
434 cl->vpn_hostname = hostlookup(htonl(cl->vpn_ip));
436 if(cl->protocol_version != PROT_CURRENT)
438 syslog(LOG_ERR, _("Peer uses incompatible protocol version %d"),
439 cl->protocol_version);
443 if(cl->status.outgoing)
445 /* First check if the host we connected to is already in our
446 connection list. If so, we are probably making a loop, which
450 if((old=lookup_conn(cl->vpn_ip)))
453 syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"),
454 cl->vpn_hostname, cl->real_hostname);
455 cl->status.outgoing = 0;
456 old->status.outgoing = 1;
457 terminate_connection(cl);
461 if(setup_vpn_connection(cl) < 0)
468 if(setup_vpn_connection(cl) < 0)
/*
 * Handle an incoming PASSPHRASE request: allocate cl->pp, store the peer's
 * (encrypted) passphrase string in cl->pp->phrase and record its length.
 * The phrase is not verified here; verify_passphrase() is called later from
 * public_key_h. Behaviour then differs for outgoing connections (the branch
 * bodies are not present in this listing).
 *
 * "%as" is the glibc allocating string conversion: sscanf malloc()s the
 * buffer and stores the pointer, so the length is limited only by what
 * cl->buffer holds. In C99 "%a" is a floating-point conversion, so this
 * depends on the older GNU behaviour.
 * NOTE(review): cl->pp is allocated before the parse; no release on the
 * "bad PASSPHRASE" path, or of a previous cl->pp if the peer repeats the
 * request, is visible here -- confirm neither leaks.
 */
476 int passphrase_h(conn_list_t *cl)
479 cl->pp = xmalloc(sizeof(*(cl->pp)));
481 if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
483 syslog(LOG_ERR, _("Got bad PASSPHRASE from %s (%s)"),
484 cl->vpn_hostname, cl->real_hostname);
487 cl->pp->len = strlen(cl->pp->phrase);
490 syslog(LOG_DEBUG, _("Got PASSPHRASE from %s (%s)"),
491 cl->vpn_hostname, cl->real_hostname);
493 if(cl->status.outgoing)
/*
 * Handle an incoming PUBLIC_KEY request; this is where the peer is
 * authenticated.
 *
 * The key string is parsed into g_n (heap-allocated by the glibc "%as"
 * conversion) and passed to verify_passphrase() together with cl. A
 * non-zero result is logged as an intruder. On success, every existing
 * entry with the same VPN address is deactivated and terminated, cl is
 * marked active, and all other active meta connections are told about the
 * new host via notify_others(cl, NULL, send_add_host).
 *
 * Security notes:
 *  - cl->vpn_ip was self-declared in BASIC_INFO, so a peer that passes
 *    verification displaces whatever entry currently holds that address.
 *    What verify_passphrase() binds the passphrase to is not visible here;
 *    confirm it ties the passphrase to the claimed VPN address.
 *  - The while loop ends only when lookup_conn() stops returning an entry,
 *    which relies on terminate_connection() removing or hiding `old`.
 *  - No free() of g_n is visible in this listing; confirm it is released on
 *    both the success and the failure path.
 */
501 int public_key_h(conn_list_t *cl)
506 if(sscanf(cl->buffer, "%*d %as", &g_n) != 1)
508 syslog(LOG_ERR, _("Got bad PUBLIC_KEY from %s (%s)"),
509 cl->vpn_hostname, cl->real_hostname);
514 syslog(LOG_DEBUG, _("Got PUBLIC_KEY from %s (%s)"),
515 cl->vpn_hostname, cl->real_hostname);
517 if(verify_passphrase(cl, g_n))
520 syslog(LOG_ERR, _("Intruder from %s: passphrase for %s does not match!"),
521 cl->real_hostname, cl->vpn_hostname);
525 if(cl->status.outgoing)
531 /* Okay, before we activate the connection, we check if there is another entry
532 in the connection list with the same vpn_ip. If so, it presumably is an
533 old connection that has timed out but we don't know it yet.
536 while((old = lookup_conn(cl->vpn_ip)))
539 syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
540 cl->vpn_hostname, old->real_hostname, cl->real_hostname);
541 old->status.active = 0;
542 terminate_connection(old);
545 cl->status.active = 1;
548 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
549 cl->vpn_hostname, cl->real_hostname);
551 notify_others(cl, NULL, send_add_host);
/*
 * Handle an incoming ACK: mark the connection active, log the activation
 * and announce the peer to all other active meta connections.
 *
 * NOTE(review): in the lines visible here the connection becomes active
 * without any check of cl's prior handshake state. Most other handlers
 * refuse to act unless cl->status.active is already set, so this handler is
 * one of the places that grants that status. This listing omits some lines;
 * confirm that a guard here or in the dispatcher only honours ACK after our
 * side has completed the passphrase/public-key exchange with this peer.
 * Otherwise an unauthenticated peer could become active by sending ACK.
 */
558 int ack_h(conn_list_t *cl)
562 syslog(LOG_DEBUG, _("Got ACK from %s (%s)"),
563 cl->vpn_hostname, cl->real_hostname);
565 cl->status.active = 1;
568 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
569 cl->vpn_hostname, cl->real_hostname);
571 notify_others(cl, NULL, send_add_host);
/*
 * Handle an incoming TERMREQ. Requests from a connection that is not yet
 * active are logged as unauthorized. Otherwise the connection is flagged
 * termreq (the peer asked for the shutdown) and terminated.
 */
579 int termreq_h(conn_list_t *cl)
582 if(!cl->status.active)
584 syslog(LOG_ERR, _("Got unauthorized TERMREQ from %s (%s)"),
585 cl->vpn_hostname, cl->real_hostname);
590 syslog(LOG_DEBUG, _("Got TERMREQ from %s (%s)"),
591 cl->vpn_hostname, cl->real_hostname);
593 cl->status.termreq = 1;
595 terminate_connection(cl);
/*
 * Handle an incoming TIMEOUT (the peer gave up waiting on us). Requests
 * from a connection that is not yet active are logged as unauthorized.
 * Otherwise the connection is flagged termreq and terminated, the same
 * treatment as TERMREQ.
 */
600 int timeout_h(conn_list_t *cl)
603 if(!cl->status.active)
605 syslog(LOG_ERR, _("Got unauthorized TIMEOUT from %s (%s)"),
606 cl->vpn_hostname, cl->real_hostname);
611 syslog(LOG_DEBUG, _("Got TIMEOUT from %s (%s)"),
612 cl->vpn_hostname, cl->real_hostname);
614 cl->status.termreq = 1;
615 terminate_connection(cl);
/*
 * Handle an incoming DEL_HOST: a peer reports that the host with the given
 * VPN address has left.
 *
 * Requires cl to be active. The address is parsed from the request and the
 * matching entry looked up; an unknown address and a DEL_HOST naming our
 * own address are both logged as errors (the action taken for the latter is
 * not present in this listing). Otherwise the deletion is forwarded to all
 * other active meta connections except the sender, and the entry is marked
 * termreq, deactivated and terminated.
 *
 * Security note: the only authorization visible is that the sender is
 * active. There is no check that cl is the peer through which that host is
 * reached, so any authenticated peer can remove any host's entry here and,
 * via notify_others(), on the rest of the VPN. Consider verifying that
 * fw was learned from cl (for example that fw->nexthop is cl) before acting.
 */
620 int del_host_h(conn_list_t *cl)
625 if(!cl->status.active)
627 syslog(LOG_ERR, _("Got unauthorized DEL_HOST from %s (%s)"),
628 cl->vpn_hostname, cl->real_hostname);
632 if(sscanf(cl->buffer, "%*d %lx", &vpn_ip) != 1)
634 syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"),
635 cl->vpn_hostname, cl->real_hostname);
639 if(!(fw = lookup_conn(vpn_ip)))
641 syslog(LOG_ERR, _("Got DEL_HOST for %d.%d.%d.%d from %s (%s) which does not exist?"),
642 IP_ADDR_V(vpn_ip), cl->vpn_hostname, cl->real_hostname);
646 /* Connections lists are really messed up if this happens */
647 if(vpn_ip == myself->vpn_ip)
649 syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"),
650 cl->vpn_hostname, cl->real_hostname);
656 syslog(LOG_DEBUG, _("Got DEL_HOST for %s (%s) from %s (%s)"),
657 fw->vpn_hostname, fw->real_hostname, cl->vpn_hostname, cl->real_hostname);
659 notify_others(fw, cl, send_del_host);
661 fw->status.termreq = 1;
662 fw->status.active = 0;
664 terminate_connection(fw);
/*
 * Handle an incoming PACKET request: a data packet tunnelled over the meta
 * (TCP) connection.
 *
 * Requires cl to be active. The payload length is parsed from the request
 * line, oversized packets are rejected, and the payload is then read
 * directly from the meta socket into the local packet structure rp. The
 * header fields are converted from network byte order, the originating
 * host is looked up by rp.from, and the packet is handled according to
 * whether a valid key for that host is known; without one it is queued on
 * the origin's rq and a key request is sent.
 *
 * Security notes (len, rp.len, rp.data.len and rp.from are all supplied by
 * the peer):
 *  - len is a signed int parsed with %d. The condition guarding the
 *    "too big" message is not present in this listing; confirm it rejects
 *    len <= 0 as well as len > sizeof(rp), since len is used as the read()
 *    size into rp.
 *  - rp.len is passed to add_queue() as the packet size. No comparison of
 *    rp.len with the number of bytes actually received is visible; confirm
 *    it cannot exceed len or sizeof(rp).
 *  - rp.from is not compared with the sending connection, so the origin of
 *    a tunnelled packet is whatever the payload claims.
 * NOTE(review): the waitingforkey test reads cl->status while the queue and
 * key belong to f, and send_key_request() sets the flag on the looked-up
 * entry -- this looks like it should test f; confirm.
 */
669 int tcppacket_h(conn_list_t *cl)
672 int len, count = 0, result;
675 if(!cl->status.active)
677 syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
678 cl->vpn_hostname, cl->real_hostname);
682 if(sscanf(cl->buffer, "%*d %d", &len) != 1)
684 syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
685 cl->vpn_hostname, cl->real_hostname);
691 syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
692 cl->vpn_hostname, cl->real_hostname);
696 /* Evil kludge coming up */
699 syslog(LOG_DEBUG, _("Direct read count=%d len=%d rp=%p socket=%d"), count, len, ((char *)&rp)+count, cl->meta_socket);
700 result=read(cl->meta_socket,((char *)&rp)+count,len);
703 syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s): %m"),
704 cl->vpn_hostname, cl->real_hostname);
712 syslog(LOG_DEBUG, _("Got PACKET length %d from %s (%s)"), len,
713 cl->vpn_hostname, cl->real_hostname);
715 total_socket_in += len;
717 rp.data.len = ntohs(rp.data.len);
718 rp.len = ntohs(rp.len);
719 rp.from = ntohl(rp.from);
723 f = lookup_conn(rp.from);
726 syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
727 cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
731 if(f->status.validkey)
735 add_queue(&(f->rq), &rp, rp.len);
736 if(!cl->status.waitingforkey)
737 send_key_request(rp.from);
740 if(my_key_expiry <= time(NULL))
/*
 * Handle an incoming PING. Requests from a connection that is not active
 * are logged as unauthorized. Otherwise the liveness flags on cl are reset:
 * pinged is cleared and got_pong is set, i.e. a PING from the peer counts
 * as proof of life just like a PONG.
 */
748 int ping_h(conn_list_t *cl)
751 if(!cl->status.active)
753 syslog(LOG_ERR, _("Got unauthorized PING from %s (%s)"),
754 cl->vpn_hostname, cl->real_hostname);
759 syslog(LOG_DEBUG, _("Got PING from %s (%s)"),
760 cl->vpn_hostname, cl->real_hostname);
762 cl->status.pinged = 0;
763 cl->status.got_pong = 1;
/*
 * Handle an incoming PONG. Requests from a connection that is not active
 * are logged as unauthorized. Otherwise got_pong is set on cl to record
 * that the peer answered.
 */
770 int pong_h(conn_list_t *cl)
773 if(!cl->status.active)
775 syslog(LOG_ERR, _("Got unauthorized PONG from %s (%s)"),
776 cl->vpn_hostname, cl->real_hostname);
781 syslog(LOG_DEBUG, _("Got PONG from %s (%s)"),
782 cl->vpn_hostname, cl->real_hostname);
784 cl->status.got_pong = 1;
/*
 * Handle an incoming ADD_HOST: a peer announces another host on the VPN.
 *
 * Requires cl to be active. Real address, VPN address/mask, port and flags
 * are parsed into locals. If an entry for the VPN address already exists
 * and matches on real address, mask and port, the announcement is a
 * duplicate and is skipped; a differing entry is deactivated and
 * terminated. An announcement naming our own VPN address is logged as an
 * error. Otherwise a new connection entry is created from the announced
 * values, linked at the head of conn_list, marked active and forwarded to
 * all other active meta connections except the sender.
 *
 * Security notes:
 *  - Every field of the new entry comes from the announcing peer, and the
 *    entry is marked active at once; the announced host itself never goes
 *    through the passphrase/public-key exchange with us. Trust in the host
 *    table is therefore transitive: one authenticated peer can introduce or
 *    replace the entry for any VPN address, including its real address.
 *  - hostlookup() is called on peer-supplied addresses; if it performs name
 *    resolution (not visible here), a peer can trigger lookups of its
 *    choosing.
 * NOTE(review): %hx and %d write through &port and &flags; their
 * declarations are not present in this listing -- confirm short and int.
 */
789 int add_host_h(conn_list_t *cl)
796 conn_list_t *ncn, *old;
798 if(!cl->status.active)
800 syslog(LOG_ERR, _("Got unauthorized ADD_HOST from %s (%s)"),
801 cl->vpn_hostname, cl->real_hostname);
805 if(sscanf(cl->buffer, "%*d %lx %lx/%lx:%hx %d", &real_ip, &vpn_ip, &vpn_mask, &port, &flags) != 5)
807 syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"),
808 cl->vpn_hostname, cl->real_hostname);
812 if((old = lookup_conn(vpn_ip)))
814 if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port))
817 syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"),
818 old->vpn_hostname, old->real_hostname, cl->vpn_hostname, cl->real_hostname);
819 goto skip_add_host; /* One goto a day keeps the deeply nested if constructions away. */
824 syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"),
825 old->vpn_hostname, old->real_hostname);
826 old->status.active = 0;
827 terminate_connection(old);
831 /* Connections lists are really messed up if this happens */
832 if(vpn_ip == myself->vpn_ip)
834 syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"),
835 cl->vpn_hostname, cl->real_hostname);
840 ncn = new_conn_list();
841 ncn->real_ip = real_ip;
842 ncn->real_hostname = hostlookup(htonl(real_ip));
843 ncn->vpn_ip = vpn_ip;
844 ncn->vpn_mask = vpn_mask;
845 ncn->vpn_hostname = hostlookup(htonl(vpn_ip));
849 ncn->next = conn_list;
851 ncn->status.active = 1;
854 syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"),
855 ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname);
857 notify_others(ncn, cl, send_add_host);
/*
 * Handle an incoming REQ_KEY ("REQ_KEY <to> <from>", addresses in hex).
 *
 * Requires cl to be active. If `to` falls inside our own VPN subnet
 * (compared under myself->vpn_mask) the request is for us and is answered
 * with send_key_answer(cl, from). Otherwise the original request line is
 * forwarded unchanged to the nexthop of the entry found for `to`; an
 * unknown destination is logged as an error.
 *
 * Security notes:
 *  - `from` is taken from the request and is not compared with the sending
 *    connection, so the claimed origin is not authenticated at this hop.
 *  - Before forwarding, the last byte of the stored request is set back to
 *    '\n' at index cl->reqlen-1. reqlen is maintained elsewhere; this
 *    assumes reqlen >= 1 and within cl->buffer -- confirm in the reader.
 *  - fw->nexthop is dereferenced without a visible NULL check.
 */
864 int req_key_h(conn_list_t *cl)
870 if(!cl->status.active)
872 syslog(LOG_ERR, _("Got unauthorized REQ_KEY from %s (%s)"),
873 cl->vpn_hostname, cl->real_hostname);
877 if(sscanf(cl->buffer, "%*d %lx %lx", &to, &from) != 2)
879 syslog(LOG_ERR, _("Got bad REQ_KEY from %s (%s)"),
880 cl->vpn_hostname, cl->real_hostname);
885 syslog(LOG_DEBUG, _("Got REQ_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
886 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
888 if((to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
889 { /* hey! they want something from ME! :) */
890 send_key_answer(cl, from);
894 fw = lookup_conn(to);
898 syslog(LOG_ERR, _("Attempting to forward REQ_KEY to %d.%d.%d.%d, which does not exist?"),
904 syslog(LOG_DEBUG, _("Forwarding REQ_KEY to %s (%s)"),
905 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
907 cl->buffer[cl->reqlen-1] = '\n';
909 if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0)
911 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Install a peer's key material on cl.
 *
 * Stores a private copy of `key` (with its length and expiry) in
 * cl->public_key, replacing any previous copy, then derives a shared key
 * with make_shared_key(key) and stores a copy of that (same expiry) in
 * cl->key. The caller keeps ownership of `key`.
 *
 * NOTE(review): cl->public_key is allocated with sizeof(*cl->key) rather
 * than sizeof(*cl->public_key). That is only correct if both members point
 * to the same type; their declarations are not visible here -- confirm.
 * NOTE(review): the previous key string is released with free() without
 * being overwritten first, so old key bytes remain in freed heap memory.
 * NOTE(review): ownership of ek (the make_shared_key() result) is not
 * visible in this listing; if it is heap-allocated it should be released
 * after the copy.
 */
918 void set_keys(conn_list_t *cl, int expiry, char *key)
924 cl->public_key = xmalloc(sizeof(*cl->key));
925 cl->public_key->key = NULL;
928 if(cl->public_key->key)
929 free(cl->public_key->key);
930 cl->public_key->length = strlen(key);
931 cl->public_key->expiry = expiry;
932 cl->public_key->key = xmalloc(cl->public_key->length + 1);
933 strcpy(cl->public_key->key, key);
935 ek = make_shared_key(key);
939 cl->key = xmalloc(sizeof(*cl->key));
946 cl->key->length = strlen(ek);
947 cl->key->expiry = expiry;
948 cl->key->key = xmalloc(cl->key->length + 1);
949 strcpy(cl->key->key, ek);
/*
 * Handle an incoming ANS_KEY ("ANS_KEY <to> <from> <expiry> <key>").
 *
 * Requires cl to be active. If `to` is our own VPN address, the key is
 * installed on the entry found for `from` with set_keys(), and that entry
 * is marked validkey and no longer waitingforkey. Otherwise the original
 * request line is forwarded unchanged to the nexthop of the entry found
 * for `to`. Unknown origins and destinations are logged as errors.
 *
 * Security notes:
 *  - `from`, `expiry` and `key` are taken from the request as sent by cl.
 *    Nothing visible here ties the key to its claimed origin: any active
 *    peer on the path, or any active peer at all, can supply a key for any
 *    known host, and it is accepted even if no REQ_KEY is outstanding (the
 *    waitingforkey flag is cleared but not checked).
 *  - key is heap-allocated by the glibc "%as" conversion. set_keys() copies
 *    it, and no free(key) is visible on either branch -- confirm it is
 *    released.
 *  - Before forwarding, index cl->reqlen-1 of cl->buffer is rewritten to
 *    '\n'; this assumes reqlen >= 1 and within the buffer.
 *  - fw->nexthop is dereferenced without a visible NULL check.
 */
953 int ans_key_h(conn_list_t *cl)
959 conn_list_t *fw, *gk;
961 if(!cl->status.active)
963 syslog(LOG_ERR, _("Got unauthorized ANS_KEY from %s (%s)"),
964 cl->vpn_hostname, cl->real_hostname);
968 if(sscanf(cl->buffer, "%*d %lx %lx %d %as", &to, &from, &expiry, &key) != 4)
970 syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
971 cl->vpn_hostname, cl->real_hostname);
976 syslog(LOG_DEBUG, _("Got ANS_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
977 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
979 if(to == myself->vpn_ip)
980 { /* hey! that key's for ME! :) */
981 gk = lookup_conn(from);
985 syslog(LOG_ERR, _("Receiving ANS_KEY origin %d.%d.%d.%d from %s (%s), which does not exist?"),
986 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
990 set_keys(gk, expiry, key);
991 gk->status.validkey = 1;
992 gk->status.waitingforkey = 0;
997 fw = lookup_conn(to);
1001 syslog(LOG_ERR, _("Attempting to forward ANS_KEY to %d.%d.%d.%d, which does not exist?"),
1007 syslog(LOG_DEBUG, _("Forwarding ANS_KEY to %s (%s)"),
1008 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
1010 cl->buffer[cl->reqlen-1] = '\n';
1012 if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0)
1014 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/*
 * Handle an incoming KEY_CHANGED: a peer reports that host `from` has a
 * new key.
 *
 * Requires cl to be active. The entry for `from` is looked up (an unknown
 * origin is logged as an error), its validkey and waitingforkey flags are
 * cleared so that a fresh key will be requested, and the notice is
 * forwarded to all other active meta connections except the sender.
 *
 * Security note: `from` is taken from the request and is not compared with
 * the sender, so any active peer can invalidate the cached key of any known
 * host and have that propagated. The cost is forced re-keying, and the
 * replacement key then arrives through ans_key_h, so how that handler
 * validates keys matters here as well.
 */
1021 int key_changed_h(conn_list_t *cl)
1026 if(!cl->status.active)
1028 syslog(LOG_ERR, _("Got unauthorized KEY_CHANGED from %s (%s)"),
1029 cl->vpn_hostname, cl->real_hostname);
1033 if(sscanf(cl->buffer, "%*d %lx", &from) != 1)
1035 syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"),
1036 cl->vpn_hostname, cl->real_hostname);
1040 ik = lookup_conn(from);
1044 syslog(LOG_ERR, _("Got KEY_CHANGED origin %d.%d.%d.%d from %s (%s), which does not exist?"),
1045 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
1050 syslog(LOG_DEBUG, _("Got KEY_CHANGED origin %s from %s (%s)"),
1051 ik->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
1053 ik->status.validkey = 0;
1054 ik->status.waitingforkey = 0;
1056 notify_others(ik, cl, send_key_changed);
1061 int (*request_handlers[256])(conn_list_t*) = {
1062 0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
1063 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1064 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1065 termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
1066 ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
1067 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1068 add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
1069 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1070 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1071 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1072 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1073 tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1074 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1075 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1076 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1077 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1078 req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
1079 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1080 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1081 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1082 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1083 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1084 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1085 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1086 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,