X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=cbd3954cbfb675fb85b672006185a3b6fb917dda;hp=83fbc2da38a92228b164f60bd83c96a03277378d;hb=c2dc3784f127ef6db6e9960a4abecc1aab6f4e31;hpb=76a9be5bce43a1a7363c670882f5315c824c903c

diff --git a/src/net_setup.c b/src/net_setup.c
index 83fbc2da..cbd3954c 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2014 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2016 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -43,6 +43,10 @@
 #include "utils.h"
 #include "xalloc.h"
 
+#ifdef HAVE_MINIUPNPC
+#include "upnp.h"
+#endif
+
 char *myport;
 static char *myname;
 static io_t device_io;
@@ -148,9 +152,6 @@ bool read_ecdsa_public_key(connection_t *c) {
 
 #ifndef DISABLE_LEGACY
 bool read_rsa_public_key(connection_t *c) {
-	if(ecdsa_active(c->ecdsa))
-		return true;
-
 	FILE *fp;
 	char *fname;
 	char *n;
@@ -229,14 +230,14 @@ static bool read_ecdsa_private_key(void) {
 
 static bool read_invitation_key(void) {
 	FILE *fp;
-	char *fname;
+	char fname[PATH_MAX];
 
 	if(invitation_key) {
 		ecdsa_free(invitation_key);
 		invitation_key = NULL;
 	}
 
-	xasprintf(&fname, "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase);
+	snprintf(fname, sizeof fname, "%s" SLASH "invitations" SLASH "ed25519_key.priv", confbase);
 
 	fp = fopen(fname, "r");
 
@@ -247,7 +248,6 @@ static bool read_invitation_key(void) {
 			logger(DEBUG_ALWAYS, LOG_ERR, "Reading Ed25519 private key file `%s' failed", fname);
 	}
 
-	free(fname);
 	return invitation_key;
 }
 
@@ -330,13 +330,12 @@ void regenerate_key(void) {
 void load_all_subnets(void) {
 	DIR *dir;
 	struct dirent *ent;
-	char *dname;
+	char dname[PATH_MAX];
 
-	xasprintf(&dname, "%s" SLASH "hosts", confbase);
+	snprintf(dname, sizeof dname, "%s" SLASH "hosts", confbase);
 	dir = opendir(dname);
 	if(!dir) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
-		free(dname);
 		return;
 	}
 
@@ -369,6 +368,7 @@ void load_all_subnets(void) {
 
 			if((s2 = lookup_subnet(n, s))) {
 				s2->expires = -1;
+				free(s);
 			} else {
 				subnet_add(n, s);
 			}
@@ -383,13 +383,12 @@ void load_all_subnets(void) {
 void load_all_nodes(void) {
 	DIR *dir;
 	struct dirent *ent;
-	char *dname;
+	char dname[PATH_MAX];
 
-	xasprintf(&dname, "%s" SLASH "hosts", confbase);
+	snprintf(dname, sizeof dname, "%s" SLASH "hosts", confbase);
 	dir = opendir(dname);
 	if(!dir) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
-		free(dname);
 		return;
 	}
 
@@ -592,9 +591,14 @@ bool setup_myself_reloadable(void) {
 		subnet_add(NULL, s);
 	}
 
-#if !defined(SOL_IP) || !defined(IP_TOS)
+#if !defined(IPPROTO_IP) || !defined(IP_TOS)
 	if(priorityinheritance)
-		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform", "PriorityInheritance");
+		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform for IPv4 connections", "PriorityInheritance");
+#endif
+
+#if !defined(IPPROTO_IPV6) || !defined(IPV6_TCLASS)
+	if(priorityinheritance)
+		logger(DEBUG_ALWAYS, LOG_WARNING, "%s not supported on this platform for IPv6 connections", "PriorityInheritance");
 #endif
 
 	if(!get_config_int(lookup_config(config_tree, "MACExpire"), &macexpire))
@@ -667,7 +671,7 @@ static bool add_listen_address(char *address, bool bindto) {
 	hint.ai_protocol = IPPROTO_TCP;
 	hint.ai_flags = AI_PASSIVE;
 
-#ifdef HAVE_DECL_RES_INIT
+#if HAVE_DECL_RES_INIT
 	res_init();
 #endif
 	int err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
@@ -857,14 +861,14 @@ static bool setup_myself(void) {
 	}
 
 	if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
-		if(udp_rcvbuf <= 0) {
+		if(udp_rcvbuf < 0) {
 			logger(DEBUG_ALWAYS, LOG_ERR, "UDPRcvBuf cannot be negative!");
 			return false;
 		}
 	}
 
 	if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) {
-		if(udp_sndbuf <= 0) {
+		if(udp_sndbuf < 0) {
 			logger(DEBUG_ALWAYS, LOG_ERR, "UDPSndBuf cannot be negative!");
 			return false;
 		}
@@ -967,6 +971,7 @@ static bool setup_myself(void) {
 		else if(!strcasecmp(type, "vde"))
 			devops = vde_devops;
 #endif
+		free(type);
 	}
 
 	get_config_bool(lookup_config(config_tree, "DeviceStandby"), &device_standby);
@@ -1063,6 +1068,25 @@ static bool setup_myself(void) {
 	xasprintf(&myself->hostname, "MYSELF port %s", myport);
 	myself->connection->hostname = xstrdup(myself->hostname);
 
+	char *upnp = NULL;
+	get_config_string(lookup_config(config_tree, "UPnP"), &upnp);
+	bool upnp_tcp = false;
+	bool upnp_udp = false;
+	if (upnp) {
+		if (!strcasecmp(upnp, "yes"))
+			upnp_tcp = upnp_udp = true;
+		else if (!strcasecmp(upnp, "udponly"))
+			upnp_udp = true;
+		free(upnp);
+	}
+	if (upnp_tcp || upnp_udp) {
+#ifdef HAVE_MINIUPNPC
+		upnp_init(upnp_tcp, upnp_udp);
+#else
+		logger(DEBUG_ALWAYS, LOG_WARNING, "UPnP was requested, but tinc isn't built with miniupnpc support!");
+#endif
+	}
+
 	/* Done. */
 
 	last_config_check = now.tv_sec;