X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=4c258abb3087f77d6c58697bf40c658d9939a8ab;hp=0eef42894f742fb8194b783cf2e37bfa45dacc2d;hb=5db596c6844169f1eb5f804b72abe99d067aaa5a;hpb=2fff0a91a7e3e5f44e97255b6dd5807656b255a8
diff --git a/src/net_setup.c b/src/net_setup.c
index 0eef4289..4c258abb 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /* net_setup.c -- Setup.
- Copyright (C) 1998-2002 Ivo Timmermans ,
- 2000-2002 Guus Sliepen
+ Copyright (C) 1998-2003 Ivo Timmermans ,
+ 2000-2003 Guus Sliepen
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
@@ -17,7 +17,7 @@
 along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net_setup.c,v 1.1.2.29 2003/03/14 09:43:10 zarq Exp $
+ $Id: net_setup.c,v 1.1.2.34 2003/07/12 17:41:46 guus Exp $
 */
 #include "config.h"
@@ -32,7 +32,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 /* SunOS really wants sys/socket.h BEFORE net/if.h,
@@ -72,6 +71,7 @@
 #include "route.h"
 #include "device.h"
 #include "event.h"
+#include "logger.h"
 #include "system.h"
@@ -87,7 +87,7 @@ int read_rsa_public_key(connection_t *c)
 if(!c->rsa_key) {
 c->rsa_key = RSA_new();
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
 }
 /* First, check for simple PublicKey statement */
@@ -107,7 +107,7 @@ int read_rsa_public_key(connection_t *c)
 fp = fopen(fname, "r");
 if(!fp) {
- syslog(LOG_ERR, _("Error reading RSA public key file `%s': %s"),
+ logger(LOG_ERR, _("Error reading RSA public key file `%s': %s"),
 fname, strerror(errno));
 free(fname);
 return -1;
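Review bot: The line `// RSA_blinding_on(c->rsa_key, NULL);` in the hunk at -87 of read_rsa_public_key is left behind as commented-out code with no reason given; the same happens in the hunks at -135 and -170. These objects are filled from a PublicKey statement or `PEM_read_RSA_PUBKEY`, so they appear to hold only a peer's public key, and blinding protects private-key operations, so dropping the call looks harmless here. Delete the line outright, or replace it with a short comment such as `/* public key only: no private-key operation is done on this RSA object, so no blinding is needed */`. read_rsa_public_key starts and ends outside these hunks.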
@@ -124,7 +124,7 @@ int read_rsa_public_key(connection_t *c)
 fp = fopen(fname, "r");
 if(!fp) {
- syslog(LOG_ERR, _("Error reading RSA public key file `%s': %s"),
+ logger(LOG_ERR, _("Error reading RSA public key file `%s': %s"),
 fname, strerror(errno));
 free(fname);
 return -1;
@@ -135,11 +135,11 @@ int read_rsa_public_key(connection_t *c)
 fclose(fp);
 if(c->rsa_key) {
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
 return 0;
 }
- syslog(LOG_ERR, _("Reading RSA public key file `%s' failed: %s"),
+ logger(LOG_ERR, _("Reading RSA public key file `%s' failed: %s"),
 fname, strerror(errno));
 return -1;
 } else {
@@ -170,7 +170,7 @@ int read_rsa_public_key(connection_t *c)
 if(fp) {
 c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
- RSA_blinding_on(c->rsa_key, NULL);
+// RSA_blinding_on(c->rsa_key, NULL);
 fclose(fp);
 }
@@ -179,7 +179,7 @@ int read_rsa_public_key(connection_t *c)
 if(c->rsa_key) return 0;
- syslog(LOG_ERR, _("No public key for %s specified!"), c->name);
+ logger(LOG_ERR, _("No public key for %s specified!"), c->name);
 return -1;
 }
@@ -193,7 +193,7 @@ int read_rsa_private_key(void)
 if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
 myself->connection->rsa_key = RSA_new();
- RSA_blinding_on(myself->connection->rsa_key, NULL);
+// RSA_blinding_on(myself->connection->rsa_key, NULL);
 BN_hex2bn(&myself->connection->rsa_key->d, key);
 BN_hex2bn(&myself->connection->rsa_key->e, "FFFF");
 free(key);
@@ -207,7 +207,7 @@ int read_rsa_private_key(void)
 fp = fopen(fname, "r");
 if(!fp) {
- syslog(LOG_ERR, _("Error reading RSA private key file `%s': %s"),
+ logger(LOG_ERR, _("Error reading RSA private key file `%s': %s"),
 fname, strerror(errno));
 free(fname);
 return -1;
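Review bot: Commenting out `RSA_blinding_on(myself->connection->rsa_key, NULL);` in the hunk at -193 of read_rsa_private_key means the daemon no longer asks for blinding on its own private key. Blinding is the usual defence against timing measurement of RSA private-key operations, so unless every supported OpenSSL version enables it by default, this is a regression that the commit does not explain. Either keep the call, or replace the dead line with a comment giving the reason, e.g. `/* blinding is enabled by default in the OpenSSL versions we support */`, if that is actually the case. The key-file branch of this function is outside the hunk, so whether it enables blinding cannot be checked from here.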
@@ -219,7 +219,7 @@ int read_rsa_private_key(void)
 fclose(fp);
 if(!myself->connection->rsa_key) {
- syslog(LOG_ERR, _("Reading RSA private key file `%s' failed: %s"),
+ logger(LOG_ERR, _("Reading RSA private key file `%s' failed: %s"),
 fname, strerror(errno));
 return -1;
 }
@@ -256,12 +256,12 @@ int setup_myself(void)
 myself->connection->protocol_version = PROT_CURRENT;
 if(!get_config_string(lookup_config(config_tree, "Name"), &name)) { /* Not acceptable */
- syslog(LOG_ERR, _("Name for tinc daemon required!"));
+ logger(LOG_ERR, _("Name for tinc daemon required!"));
 return -1;
 }
 if(check_id(name)) {
- syslog(LOG_ERR, _("Invalid name for myself!"));
+ logger(LOG_ERR, _("Invalid name for myself!"));
 free(name);
 return -1;
 }
@@ -273,7 +273,7 @@ int setup_myself(void)
 return -1;
 if(read_connection_config(myself->connection)) {
- syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
+ logger(LOG_ERR, _("Cannot open host configuration file for myself!"));
 return -1;
 }
@@ -329,7 +329,7 @@ int setup_myself(void)
 else if(!strcasecmp(mode, "hub")) routing_mode = RMODE_HUB;
 else {
- syslog(LOG_ERR, _("Invalid routing mode!"));
+ logger(LOG_ERR, _("Invalid routing mode!"));
 return -1;
 }
 free(mode);
@@ -340,7 +340,7 @@ int setup_myself(void)
 &priorityinheritance);
 #if !defined(SOL_IP) || !defined(IP_TOS)
 if(priorityinheritance)
- syslog(LOG_WARNING, _("PriorityInheritance not supported on this platform"));
+ logger(LOG_WARNING, _("PriorityInheritance not supported on this platform"));
 #endif
 if(!get_config_int(lookup_config(config_tree, "MACExpire"), &macexpire))
@@ -350,7 +350,7 @@ int setup_myself(void)
 (lookup_config(myself->connection->config_tree, "MaxTimeout"), &maxtimeout)) {
 if(maxtimeout <= 0) {
- syslog(LOG_ERR, _("Bogus maximum timeout!"));
+ logger(LOG_ERR, _("Bogus maximum timeout!"));
 return -1;
 }
 } else
@@ -364,12 +364,11 @@ int setup_myself(void)
 else if(!strcasecmp(afname, "any")) addressfamily = AF_UNSPEC;
 else {
- syslog(LOG_ERR, _("Invalid address family!"));
+ logger(LOG_ERR, _("Invalid address family!"));
 return -1;
 }
 free(afname);
- } else
- addressfamily = AF_INET;
+ }
 get_config_bool(lookup_config(config_tree, "Hostnames"), &hostnames);
@@ -383,7 +382,7 @@ int setup_myself(void)
 myself->cipher = EVP_get_cipherbyname(cipher);
 if(!myself->cipher) {
- syslog(LOG_ERR, _("Unrecognized cipher type!"));
+ logger(LOG_ERR, _("Unrecognized cipher type!"));
 return -1;
 }
 }
@@ -404,6 +403,9 @@ int setup_myself(void)
 keylifetime = 3600;
 keyexpires = now + keylifetime;
+
+ EVP_CIPHER_CTX_init(&packet_ctx);
+ EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key, myself->key + myself->cipher->key_len);
 /* Check if we want to use message authentication codes... */
@@ -415,7 +417,7 @@ int setup_myself(void)
 myself->digest = EVP_get_digestbyname(digest);
 if(!myself->digest) {
- syslog(LOG_ERR, _("Unrecognized digest type!"));
+ logger(LOG_ERR, _("Unrecognized digest type!"));
 return -1;
 }
 }
@@ -429,10 +431,10 @@ int setup_myself(void)
 &myself->maclength)) {
 if(myself->digest) {
 if(myself->maclength > myself->digest->md_size) {
- syslog(LOG_ERR, _("MAC length exceeds size of digest!"));
+ logger(LOG_ERR, _("MAC length exceeds size of digest!"));
 return -1;
 } else if(myself->maclength < 0) {
- syslog(LOG_ERR, _("Bogus MAC length!"));
+ logger(LOG_ERR, _("Bogus MAC length!"));
 return -1;
 }
 }
@@ -446,8 +448,8 @@ int setup_myself(void)
 if(get_config_int (lookup_config(myself->connection->config_tree, "Compression"), &myself->compression)) {
- if(myself->compression < 0 || myself->compression > 9) {
- syslog(LOG_ERR, _("Bogus compression level!"));
+ if(myself->compression < 0 || myself->compression > 11) {
+ logger(LOG_ERR, _("Bogus compression level!"));
 return -1;
 }
 } else
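Review bot: Dropping the `else addressfamily = AF_INET;` branch in the hunk at -364 makes the default address family depend on the initialiser of `addressfamily`, which is not visible in this diff. If that variable is zero-initialised or now starts as `AF_UNSPEC`, a daemon with no AddressFamily option would begin listening on IPv6 as well as IPv4, which a host with IPv4-only filtering rules may not expect. State the new default where the option is parsed, e.g. `/* no AddressFamily option: addressfamily keeps its compiled-in default */`, and mention the behaviour change in the commit message. setup_myself starts and ends outside this hunk.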
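Review bot: The added `EVP_DecryptInit_ex(&packet_ctx, ...)` call in the hunk at -404 dereferences `myself->cipher->key_len` unconditionally and ignores the call's return value. If any configuration path leaves `myself->cipher` NULL (the cipher selection is only partly visible, in the hunk at -383), this line crashes the daemon during setup. A failed initialisation would also go unreported until packets fail to decrypt. Guard the block on `myself->cipher` and fail setup with a logged error when the call returns 0. setup_myself starts and ends outside this hunk.

```c
	keyexpires = now + keylifetime;

	if(myself->cipher) {
		EVP_CIPHER_CTX_init(&packet_ctx);
		if(!EVP_DecryptInit_ex(&packet_ctx, myself->cipher, NULL, myself->key,
				myself->key + myself->cipher->key_len)) {
			logger(LOG_ERR, _("Error during initialisation of cipher!"));
			return -1;
		}
	}
	/* … unchanged: message authentication code setup … */
```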
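Review bot: The new upper bound in `myself->compression > 11` (hunk at -446) is a bare number, and nothing in the hunk says what the newly accepted levels 10 and 11 select. Every place that compresses or decompresses using this level has to handle 10 and 11, otherwise an accepted value reaches a code path that does not know it. That code is outside this diff, so it cannot be confirmed from here. A named constant, or a comment next to the check such as `/* 0 = off, 1-9 = <codec A>, 10-11 = <codec B> */` with the real codec names filled in, would keep the range check and the dispatch in step.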
@@ -479,7 +481,7 @@ int setup_myself(void)
 err = getaddrinfo(address, myport, &hint, &ai);
 if(err || !ai) {
- syslog(LOG_ERR, _("System call `%s' failed: %s"), "getaddrinfo",
+ logger(LOG_ERR, _("System call `%s' failed: %s"), "getaddrinfo",
 gai_strerror(err));
 return -1;
 }
@@ -499,9 +501,9 @@ int setup_myself(void)
 if(listen_socket[listen_sockets].udp < 0) continue;
- if(debug_lvl >= DEBUG_CONNECTIONS) {
+ ifdebug(CONNECTIONS) {
 hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
- syslog(LOG_NOTICE, _("Listening on %s"), hostname);
+ logger(LOG_NOTICE, _("Listening on %s"), hostname);
 free(hostname);
 }
@@ -512,9 +514,9 @@ int setup_myself(void)
 freeaddrinfo(ai);
 if(listen_sockets)
- syslog(LOG_NOTICE, _("Ready"));
+ logger(LOG_NOTICE, _("Ready"));
 else {
- syslog(LOG_ERR, _("Unable to create any listening socket!"));
+ logger(LOG_ERR, _("Unable to create any listening socket!"));
 return -1;
 }