X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet.c;h=ae6fbed8bb1178deeba8434546d27d852b2d0b17;hp=81318e3e446575faf058398dc8745f47f95c7eee;hb=9c2f805255fa36b05e8fe9391f639581d938b653;hpb=9f64499e40a95a8c05c82924219517aa017fc411 diff --git a/src/net.c b/src/net.c index 81318e3e..ae6fbed8 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.41 2000/10/20 15:34:35 guus Exp $ + $Id: net.c,v 1.35.4.45 2000/10/24 15:46:16 guus Exp $ */ #include "config.h" @@ -25,6 +25,8 @@ #include #include #include +#include +#include #include #include #include @@ -38,7 +40,6 @@ #include #ifdef HAVE_TUNTAP -#include #include LINUX_IF_TUN_H #endif @@ -61,7 +62,7 @@ int total_tap_out = 0; int total_socket_in = 0; int total_socket_out = 0; -int upstreamindex = 0; +config_t *upstreamcfg; static int seconds_till_retry; char *unknown = NULL; @@ -103,7 +104,7 @@ cp EVP_EncryptFinal(cl->cipher_pktctx, outpkt.data + outlen, &outpad); outlen += outpad; - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"), outlen, cl->name, cl->hostname); @@ -126,19 +127,16 @@ int xrecv(vpn_packet_t *inpkt) vpn_packet_t outpkt; int outlen, outpad; cp - if(debug_lvl > 3) - syslog(LOG_ERR, _("Receiving packet of %d bytes"), - inpkt->len); - outpkt.len = inpkt->len; EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, NULL); EVP_DecryptUpdate(myself->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len); - /* FIXME: grok DecryptFinal EVP_DecryptFinal(myself->cipher_pktctx, outpkt.data + outlen, &outpad); - */ + outlen += outpad; + /* FIXME sometime add_mac_addresses(&outpkt); - + */ + if(write(tap_fd, outpkt.data, outpkt.len) < 0) syslog(LOG_ERR, _("Can't write to tap device: %m")); else @@ -239,7 +237,7 @@ cp p = next; } - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_DEBUG, _("Queue flushed")); cp } @@ -254,7 +252,7 @@ void flush_queues(conn_list_t *cl) cp if(cl->sq) { - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"), cl->name, cl->hostname); flush_queue(cl, &(cl->sq), xsend); @@ -262,7 +260,7 @@ cp if(cl->rq) { - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"), cl->name, cl->hostname); flush_queue(cl, &(cl->rq), xrecv); @@ -279,7 +277,7 @@ int send_packet(ip_t to, vpn_packet_t *packet) cp if((cl = lookup_conn_list_ipv4(to)) == NULL) { - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) { syslog(LOG_NOTICE, _("Trying to look up %d.%d.%d.%d in connection list failed!"), IP_ADDR_V(to)); @@ -302,7 +300,7 @@ cp if(!cl->status.validkey) { - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"), cl->name, cl->hostname); add_queue(&(cl->sq), packet, packet->len + 2); @@ -313,7 +311,7 @@ cp if(!cl->status.active) { - if(debug_lvl > 3) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"), cl->name, cl->hostname); add_queue(&(cl->sq), packet, packet->len + 2); @@ -333,10 +331,9 @@ int setup_tap_fd(void) int nfd; const char *tapfname; config_t const *cfg; - -#ifdef HAVE_TUNTAP + char *envvar; struct ifreq ifr; -#endif + cp if((cfg = get_config_val(config, tapdevice))) tapfname = cfg->data.ptr; @@ -369,12 +366,20 @@ cp { syslog(LOG_INFO, _("%s is a new style tun/tap device"), tapfname); taptype = 1; + if((cfg = get_config_val(config, tapsubnet)) == NULL) syslog(LOG_INFO, _("tun/tap device will be left unconfigured")); else /* Setup inetaddr/netmask etc */; } #endif + + /* Add name of network interface to environment (for scripts) */ + + ioctl(tap_fd, SIOCGIFNAME, (void *) &ifr); + asprintf(&envvar, "IFNAME=%s", ifr.ifr_name); + putenv(envvar); + free(envvar); cp return 0; @@ -430,7 +435,7 @@ cp a.sin_port = htons(port); if((cfg = get_config_val(config, interfaceip))) - a.sin_addr.s_addr = htonl(cfg->data.ip->ip); + a.sin_addr.s_addr = htonl(cfg->data.ip->address); else a.sin_addr.s_addr = htonl(INADDR_ANY); @@ -501,7 +506,7 @@ int setup_outgoing_meta_socket(conn_list_t *cl) struct sockaddr_in a; config_t const *cfg; cp - if(debug_lvl > 0) + if(debug_lvl >= DEBUG_CONNECTIONS) syslog(LOG_INFO, _("Trying to connect to %s"), cl->hostname); if((cfg = get_config_val(cl->config, port)) == NULL) @@ -535,7 +540,7 @@ cp return -1; } - if(debug_lvl > 0) + if(debug_lvl >= DEBUG_CONNECTIONS) syslog(LOG_INFO, _("Connected to %s port %hd"), cl->hostname, cl->port); @@ -612,11 +617,13 @@ cp } /* - set up the local sockets (listen only) + Configure conn_list_t myself and set up the local sockets (listen only) */ int setup_myself(void) { config_t const *cfg; + subnet_t *net; + int i; cp myself = new_conn_list(); @@ -685,6 +692,18 @@ cp if(cfg->data.val == stupid_true) myself->flags |= TCPONLY; +/* Read in all the subnets specified in the host configuration file */ + + for(cfg = myself->config; cfg = get_config_val(cfg, subnet); cfg = cfg->next) + { + net = new_subnet(); + net->type = SUBNET_IPV4; + net->net.ipv4.address = cfg->data.ip->address; + net->net.ipv4.mask = cfg->data.ip->mask; + + subnet_add(myself, net); + } + if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0) { syslog(LOG_ERR, _("Unable to set up a listening socket!")); @@ -710,24 +729,25 @@ sigalrm_handler(int a) { config_t const *cfg; cp - cfg = get_next_config_val(config, connectto, upstreamindex++); + cfg = get_config_val(upstreamcfg, connectto); - if(!upstreamindex && !cfg) + if(!cfg && upstreamcfg == myself->config) /* No upstream IP given, we're listen only. */ return; while(cfg) { + upstreamcfg = cfg->next; if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */ { signal(SIGALRM, SIG_IGN); return; } - cfg = get_next_config_val(config, connectto, upstreamindex++); /* Or else we try the next ConnectTo line */ + cfg = get_config_val(upstreamcfg, connectto); /* Or else we try the next ConnectTo line */ } signal(SIGALRM, sigalrm_handler); - upstreamindex = 0; + upstreamcfg = myself->config; seconds_till_retry += 5; if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */ seconds_till_retry = MAXTIMEOUT; @@ -743,6 +763,7 @@ cp int setup_network_connections(void) { config_t const *cfg; + char *scriptname; cp if((cfg = get_config_val(config, pingtimeout)) == NULL) timeout = 5; @@ -755,19 +776,37 @@ cp if(setup_myself() < 0) return -1; - if((cfg = get_next_config_val(config, connectto, upstreamindex++)) == NULL) + /* Run tinc-up script to further initialize the tap interface */ + + asprintf(&scriptname, "%s/tinc-up", confbase); + + if(!fork()) + { + + execl(scriptname, NULL); + + if(errno != ENOENT) + syslog(LOG_WARNING, _("Error while executing %s: %m"), scriptname); + + exit(0); + } + + free(scriptname); + + if(!(cfg = get_config_val(myself->config, connectto))) /* No upstream IP given, we're listen only. */ return 0; while(cfg) { + upstreamcfg = cfg->next; if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */ return 0; - cfg = get_next_config_val(config, connectto, upstreamindex++); /* Or else we try the next ConnectTo line */ + cfg = get_config_val(upstreamcfg, connectto); /* Or else we try the next ConnectTo line */ } signal(SIGALRM, sigalrm_handler); - upstreamindex = 0; + upstreamcfg = myself->config; seconds_till_retry = MAXTIMEOUT; syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry); alarm(seconds_till_retry); @@ -781,6 +820,7 @@ cp void close_network_connections(void) { conn_list_t *p; + char *scriptname; cp for(p = conn_list; p != NULL; p = p->next) { @@ -804,6 +844,22 @@ cp close(myself->socket); } + /* Execute tinc-down script right before shutting down the interface */ + + asprintf(&scriptname, "%s/tinc-down", confbase); + + if(!fork()) + { + execl(scriptname, NULL); + + if(errno != ENOENT) + syslog(LOG_WARNING, _("Error while executing %s: %m"), scriptname); + + exit(0); + } + + free(scriptname); + close(tap_fd); destroy_conn_list(); @@ -820,7 +876,7 @@ int setup_vpn_connection(conn_list_t *cl) int nfd, flags; struct sockaddr_in a; cp - if(debug_lvl > 0) + if(debug_lvl >= DEBUG_TRAFFIC) syslog(LOG_DEBUG, _("Opening UDP socket to %s"), cl->hostname); nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); @@ -883,7 +939,7 @@ cp p->last_ping_time = time(NULL); p->want_ping = 0; - if(debug_lvl > 0) + if(debug_lvl >= DEBUG_CONNECTIONS) syslog(LOG_NOTICE, _("Connection from %s port %d"), p->hostname, htons(ci.sin_port)); @@ -925,6 +981,8 @@ int handle_incoming_vpn_data() vpn_packet_t pkt; int lenin; int x, l = sizeof(x); + struct sockaddr from; + socklen_t fromlen = sizeof(from); cp if(getsockopt(myself->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0) { @@ -938,12 +996,18 @@ cp return -1; } - if(recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, NULL, NULL) <= 0) + if(recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, &from, &fromlen) <= 0) { syslog(LOG_ERR, _("Receiving packet failed: %m")); return -1; } - +/* + if(debug_lvl >= DEBUG_TRAFFIC) + { + syslog(LOG_DEBUG, _("Received packet of %d bytes from %d.%d.%d.%d"), pkt.len, + from.sa_addr[0], from.sa_addr[1], from.sa_addr[2], from.sa_addr[3]); + } +*/ cp return xrecv(&pkt); } @@ -960,7 +1024,7 @@ cp if(cl->status.remove) return; - if(debug_lvl > 0) + if(debug_lvl >= DEBUG_CONNECTIONS) syslog(LOG_NOTICE, _("Closing connection with %s (%s)"), cl->name, cl->hostname); @@ -1033,7 +1097,7 @@ cp { if(p->status.pinged && !p->status.got_pong) { - if(debug_lvl > 1) + if(debug_lvl >= DEBUG_PROTOCOL) syslog(LOG_INFO, _("%s (%s) didn't respond to PING"), p->name, p->hostname); p->status.timeout = 1; @@ -1138,11 +1202,8 @@ cp void handle_tap_input(void) { vpn_packet_t vp; - ip_t from, to; - int ether_type, lenin; + int lenin; cp - memset(&vp, 0, sizeof(vp)); - if(taptype = 1) { if((lenin = read(tap_fd, vp.data, MTU)) <= 0) @@ -1164,25 +1225,19 @@ cp total_tap_in += lenin; - ether_type = ntohs(*((unsigned short*)(&vp.data[12]))); - if(ether_type != 0x0800) - { - if(debug_lvl > 3) - syslog(LOG_INFO, _("Non-IP ethernet frame %04x from %02x:%02x:%02x:%02x:%02x:%02x"), ether_type, MAC_ADDR_V(vp.data[6])); - return; - } - if(lenin < 32) { - if(debug_lvl > 3) - syslog(LOG_INFO, _("Dropping short packet from %02x:%02x:%02x:%02x:%02x:%02x"), MAC_ADDR_V(vp.data[6])); + if(debug_lvl >= DEBUG_TRAFFIC) + syslog(LOG_WARNING, _("Received short packet from tap device")); return; } - from = ntohl(*((unsigned long*)(&vp.data[26]))); - to = ntohl(*((unsigned long*)(&vp.data[30]))); + if(debug_lvl >= DEBUG_TRAFFIC) + { + syslog(LOG_DEBUG, _("Read packet of length %d from tap device"), vp.len); + } - send_packet(to, &vp); +// route_packet(&vp); cp }