X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_subnet.c;h=7098e2a04a2271a4f36c35d1321a89a6118f22b6;hp=ba75c89988493db3ae835c397f79f970bb25f676;hb=9fed0ec34b9208611a7e96a595f23fa04e60a5c0;hpb=d47ab576a25d91600acf7eecf376ed026bdc9c83

diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c
index ba75c899..7098e2a0 100644
--- a/src/protocol_subnet.c
+++ b/src/protocol_subnet.c
@@ -104,29 +104,12 @@ bool add_subnet_h(connection_t *c) {
 		return true;
 	}
 
-	/* In tunnel server mode, check if the subnet matches one in the config file of this node */
+	/* In tunnel server mode, we should already know all allowed subnets */
 
 	if(tunnelserver) {
-		config_t *cfg;
-		subnet_t *allowed;
-
-		for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
-			if(!get_config_subnet(cfg, &allowed))
-				continue;
-
-			if(!subnet_compare(&s, allowed))
-				break;
-
-			free_subnet(allowed);
-		}
-
-		if(!cfg) {
-			logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
-					"ADD_SUBNET", c->name, c->hostname, subnetstr);
-			return true;
-		}
-
-		free_subnet(allowed);
+		logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
+				"ADD_SUBNET", c->name, c->hostname, subnetstr);
+		return true;
 	}
 
 	/* If everything is correct, add the subnet to the list of the owner */
@@ -139,8 +122,7 @@ bool add_subnet_h(connection_t *c) {
 
 	/* Tell the rest */
 
-	if(!tunnelserver)
-		forward_request(c);
+	forward_request(c);
 
 	/* Fast handoff of roaming MAC addresses */
 
@@ -228,10 +210,12 @@ bool del_subnet_h(connection_t *c) {
 		return true;
 	}
 
+	if(tunnelserver)
+		return true;
+
 	/* Tell the rest */
 
-	if(!tunnelserver)
-		forward_request(c);
+	forward_request(c);
 
 	/* Finally, delete it. */