X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnode.c;h=bd94ed0beba36538d404dc7e4988170cd747df58;hp=2f517446f717fd40b928e5df6d23b5a7e877355d;hb=d4410d0cce40929db9a0ce7042ef962f1867234d;hpb=9b9230a0a79c670b86f54fadd2807b864ff9d91f diff --git a/src/node.c b/src/node.c index 2f517446..bd94ed0b 100644 --- a/src/node.c +++ b/src/node.c @@ -30,8 +30,11 @@ #include "utils.h" #include "xalloc.h" +#include "ed25519/sha512.h" + splay_tree_t *node_tree; -static hash_t *node_udp_cache; +static splay_tree_t *node_id_tree; +static splay_tree_t *node_udp_tree; node_t *myself; @@ -39,20 +42,33 @@ static int node_compare(const node_t *a, const node_t *b) { return strcmp(a->name, b->name); } +static int node_id_compare(const node_t *a, const node_t *b) { + return memcmp(&a->id, &b->id, sizeof(node_id_t)); +} + +static int node_udp_compare(const node_t *a, const node_t *b) { + int result = sockaddrcmp(&a->address, &b->address); + if (result) + return result; + return (a->name && b->name) ? strcmp(a->name, b->name) : 0; +} + void init_nodes(void) { node_tree = splay_alloc_tree((splay_compare_t) node_compare, (splay_action_t) free_node); - node_udp_cache = hash_alloc(0x100, sizeof(sockaddr_t)); + node_id_tree = splay_alloc_tree((splay_compare_t) node_id_compare, NULL); + node_udp_tree = splay_alloc_tree((splay_compare_t) node_udp_compare, NULL); } void exit_nodes(void) { - hash_free(node_udp_cache); + splay_delete_tree(node_udp_tree); + splay_delete_tree(node_id_tree); splay_delete_tree(node_tree); } node_t *new_node(void) { - node_t *n = xmalloc_and_zero(sizeof *n); + node_t *n = xzalloc(sizeof *n); - if(replaywin) n->late = xmalloc_and_zero(replaywin); + if(replaywin) n->late = xzalloc(replaywin); n->subnet_tree = new_subnet_tree(); n->edge_tree = new_edge_tree(); n->mtu = MTU; @@ -70,15 +86,17 @@ void free_node(node_t *n) { sockaddrfree(&n->address); +#ifndef DISABLE_LEGACY cipher_close(n->incipher); digest_close(n->indigest); cipher_close(n->outcipher); digest_close(n->outdigest); +#endif ecdsa_free(n->ecdsa); sptps_stop(&n->sptps); - timeout_del(&n->mtutimeout); + timeout_del(&n->udp_ping_timeout); if(n->hostname) free(n->hostname); @@ -93,16 +111,24 @@ void free_node(node_t *n) { } void node_add(node_t *n) { + unsigned char buf[64]; + sha512(n->name, strlen(n->name),buf); + memcpy(&n->id, buf, sizeof n->id); + splay_insert(node_tree, n); + splay_insert(node_id_tree, n); } void node_del(node_t *n) { + splay_delete(node_udp_tree, n); + for splay_each(subnet_t, s, n->subnet_tree) subnet_del(n, s); for splay_each(edge_t, e, n->edge_tree) edge_del(e); + splay_delete(node_id_tree, n); splay_delete(node_tree, n); } @@ -114,8 +140,14 @@ node_t *lookup_node(char *name) { return splay_search(node_tree, &n); } +node_t *lookup_node_id(const node_id_t *id) { + node_t n = {.id = *id}; + return splay_search(node_id_tree, &n); +} + node_t *lookup_node_udp(const sockaddr_t *sa) { - return hash_search(node_udp_cache, sa); + node_t tmp = {.address = *sa}; + return splay_search(node_udp_tree, &tmp); } void update_node_udp(node_t *n, const sockaddr_t *sa) { @@ -124,7 +156,7 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) { return; } - hash_insert(node_udp_cache, &n->address, NULL); + splay_delete(node_udp_tree, n); if(sa) { n->address = *sa; @@ -135,20 +167,38 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) { break; } } - hash_insert(node_udp_cache, sa, n); + splay_insert(node_udp_tree, n); free(n->hostname); n->hostname = sockaddr2hostname(&n->address); logger(DEBUG_PROTOCOL, LOG_DEBUG, "UDP address of %s set to %s", n->name, n->hostname); } + + /* invalidate UDP information - note that this is a security feature as well to make sure + we can't be tricked into flooding any random address with UDP packets */ + n->status.udp_confirmed = false; + n->maxrecentlen = 0; + n->mtuprobes = 0; + n->minmtu = 0; + n->maxmtu = MTU; } bool dump_nodes(connection_t *c) { - for splay_each(node_t, n, node_tree) - send_request(c, "%d %d %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES, - n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher), - digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), n->outcompression, - n->options, bitfield_to_int(&n->status, sizeof n->status), n->nexthop ? n->nexthop->name : "-", - n->via ? n->via->name ?: "-" : "-", n->distance, n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change); + for splay_each(node_t, n, node_tree) { + char id[2 * sizeof n->id + 1]; + for (size_t c = 0; c < sizeof n->id; ++c) + sprintf(id + 2 * c, "%02hhx", n->id.x[c]); + id[sizeof id - 1] = 0; + send_request(c, "%d %d %s %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES, + n->name, id, n->hostname ?: "unknown port unknown", +#ifdef DISABLE_LEGACY + 0, 0, 0, +#else + cipher_get_nid(n->outcipher), digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), +#endif + n->outcompression, n->options, bitfield_to_int(&n->status, sizeof n->status), + n->nexthop ? n->nexthop->name : "-", n->via ? n->via->name ?: "-" : "-", n->distance, + n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change); + } return send_request(c, "%d %d", CONTROL, REQ_DUMP_NODES); }