projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Invalidate UDP information on address changes.
[tinc] / src / node.c
diff --git a/src/node.c b/src/node.c
index 820d622..0cb2445 100644 (file)
--- a/src/node.c
+++ b/src/node.c
@@ -1,6 +1,6 @@
 /*
     node.c -- node tree management
-    Copyright (C) 2001-2011 Guus Sliepen <guus@tinc-vpn.org>,
+    Copyright (C) 2001-2013 Guus Sliepen <guus@tinc-vpn.org>,
                   2001-2005 Ivo Timmermans
 
     This program is free software; you can redistribute it and/or modify
@@ -30,7 +30,7 @@
 #include "utils.h"
 #include "xalloc.h"
 
-splay_tree_t *node_tree;                       /* Known nodes, sorted by name */
+splay_tree_t *node_tree;
 static hash_t *node_udp_cache;
 
 node_t *myself;
@@ -50,9 +50,9 @@ void exit_nodes(void) {
 }
 
 node_t *new_node(void) {
-       node_t *n = xmalloc_and_zero(sizeof *n);
+       node_t *n = xzalloc(sizeof *n);
 
-       if(replaywin) n->late = xmalloc_and_zero(replaywin);
+       if(replaywin) n->late = xzalloc(replaywin);
        n->subnet_tree = new_subnet_tree();
        n->edge_tree = new_edge_tree();
        n->mtu = MTU;
@@ -70,17 +70,16 @@ void free_node(node_t *n) {
 
        sockaddrfree(&n->address);
 
-       cipher_close(&n->incipher);
-       digest_close(&n->indigest);
-       cipher_close(&n->outcipher);
-       digest_close(&n->outdigest);
+       cipher_close(n->incipher);
+       digest_close(n->indigest);
+       cipher_close(n->outcipher);
+       digest_close(n->outdigest);
 
-       ecdsa_free(&n->ecdsa);
+       ecdsa_free(n->ecdsa);
        sptps_stop(&n->sptps);
 
-       if(timeout_initialized(&n->mtuevent))
-               event_del(&n->mtuevent);
-       
+       timeout_del(&n->mtutimeout);
+
        if(n->hostname)
                free(n->hostname);
 
@@ -129,18 +128,32 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) {
 
        if(sa) {
                n->address = *sa;
+               n->sock = 0;
+               for(int i = 0; i < listen_sockets; i++) {
+                       if(listen_socket[i].sa.sa.sa_family == sa->sa.sa_family) {
+                               n->sock = i;
+                               break;
+                       }
+               }
                hash_insert(node_udp_cache, sa, n);
                free(n->hostname);
                n->hostname = sockaddr2hostname(&n->address);
                logger(DEBUG_PROTOCOL, LOG_DEBUG, "UDP address of %s set to %s", n->name, n->hostname);
        }
+
+       /* invalidate UDP information - note that this is a security feature as well to make sure
+          we can't be tricked into flooding any random address with UDP packets */
+       n->status.udp_confirmed = false;
+       n->mtuprobes = 0;
+       n->minmtu = 0;
+       n->maxmtu = MTU;
 }
 
 bool dump_nodes(connection_t *c) {
        for splay_each(node_t, n, node_tree)
                send_request(c, "%d %d %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES,
-                          n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(&n->outcipher),
-                          digest_get_nid(&n->outdigest), (int)digest_length(&n->outdigest), n->outcompression,
+                          n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher),
+                          digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), n->outcompression,
                           n->options, bitfield_to_int(&n->status, sizeof n->status), n->nexthop ? n->nexthop->name : "-",
                           n->via ? n->via->name ?: "-" : "-", n->distance, n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change);
 
tinc, the VPN daemon