X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_subnet.c;h=d40b3a33afe255f02439953769ec8a71fbe51342;hp=4a761b7b2c439bdeba325477eb361753b3496c7c;hb=a8a65cee083a27afe42cab360596e1453e7141b9;hpb=7926a156e5b118d06295228e57de0cc9de0433b4 diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c index 4a761b7b..d40b3a33 100644 --- a/src/protocol_subnet.c +++ b/src/protocol_subnet.c @@ -1,7 +1,7 @@ /* protocol_subnet.c -- handle the meta-protocol, subnets - Copyright (C) 1999-2004 Ivo Timmermans , - 2000-2004 Guus Sliepen + Copyright (C) 1999-2005 Ivo Timmermans, + 2000-2009 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -60,7 +60,7 @@ bool add_subnet_h(connection_t *c) return false; } - /* Check if owner name is a valid */ + /* Check if owner name is valid */ if(!check_id(name)) { logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "ADD_SUBNET", c->name, @@ -83,15 +83,19 @@ bool add_subnet_h(connection_t *c) owner = lookup_node(name); + if(tunnelserver && owner != myself && owner != c->node) { + /* in case of tunnelserver, ignore indirect subnet registrations */ + ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"), + "ADD_SUBNET", c->name, c->hostname, subnetstr); + return true; + } + if(!owner) { owner = new_node(); owner->name = xstrdup(name); node_add(owner); } - if(tunnelserver && owner != myself && owner != c->node) - return false; - /* Check if we already know this subnet */ if(lookup_subnet(owner, &s)) @@ -123,8 +127,11 @@ bool add_subnet_h(connection_t *c) free_subnet(allowed); } - if(!cfg) + if(!cfg) { + logger(LOG_WARNING, _("Unauthorized %s from %s (%s) for %s"), + "ADD_SUBNET", c->name, c->hostname, subnetstr); return false; + } free_subnet(allowed); } @@ -134,6 +141,9 @@ bool add_subnet_h(connection_t *c) *(new = new_subnet()) = s; subnet_add(owner, new); + if(owner->status.reachable) + subnet_update(owner, new, true); + /* Tell the rest */ if(!tunnelserver) @@ -169,7 +179,7 @@ bool del_subnet_h(connection_t *c) return false; } - /* Check if owner name is a valid */ + /* Check if owner name is valid */ if(!check_id(name)) { logger(LOG_ERR, _("Got bad %s from %s (%s): %s"), "DEL_SUBNET", c->name, @@ -177,19 +187,6 @@ bool del_subnet_h(connection_t *c) return false; } - /* Check if the owner of the new subnet is in the connection list */ - - owner = lookup_node(name); - - if(!owner) { - ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"), - "DEL_SUBNET", c->name, c->hostname, name); - return true; - } - - if(tunnelserver && owner != myself && owner != c->node) - return false; - /* Check if subnet string is valid */ if(!str2net(&s, subnetstr)) { @@ -201,6 +198,23 @@ bool del_subnet_h(connection_t *c) if(seen_request(c->buffer)) return true; + /* Check if the owner of the subnet being deleted is in the connection list */ + + owner = lookup_node(name); + + if(tunnelserver && owner != myself && owner != c->node) { + /* in case of tunnelserver, ignore indirect subnet deletion */ + ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"), + "DEL_SUBNET", c->name, c->hostname, subnetstr); + return true; + } + + if(!owner) { + ifdebug(PROTOCOL) logger(LOG_WARNING, _("Got %s from %s (%s) for %s which is not in our node tree"), + "DEL_SUBNET", c->name, c->hostname, name); + return true; + } + /* If everything is correct, delete the subnet from the list of the owner */ s.owner = owner; @@ -229,6 +243,9 @@ bool del_subnet_h(connection_t *c) /* Finally, delete it. */ + if(owner->status.reachable) + subnet_update(owner, find, false); + subnet_del(owner, find); return true;