- Write pidfile again after detaching
- Check OS (for handling FreeBSD/Solaris tun/tap stuff)
+/* Linux */
+#undef HAVE_LINUX
+
+/* FreeBSD */
+#undef HAVE_FREEBSD
+
+/* Solaris */
+#undef HAVE_SOLARIS
/* Define to the location of the kernel sources */
#undef CONFIG_TINC_KERNELDIR
/* Define to the location of the kernel sources */
#undef CONFIG_TINC_KERNELDIR
+# Make sure configure doesn't complain about old configuration
+rm -f config.status
+
if test -z "$*"; then
echo "**Warning**: I am going to run \`configure' with no arguments."
echo "If you wish to pass any to it, please specify them on the"
if test -z "$*"; then
echo "**Warning**: I am going to run \`configure' with no arguments."
echo "If you wish to pass any to it, please specify them on the"
dnl Process this file with autoconf to produce a configure script.
dnl Process this file with autoconf to produce a configure script.
-dnl $Id: configure.in,v 1.13.2.24 2000/11/24 23:12:56 guus Exp $
+dnl $Id: configure.in,v 1.13.2.25 2000/11/25 13:33:30 guus Exp $
AC_INIT(src/tincd.c)
AM_INIT_AUTOMAKE(tinc, 1.0pre4-cvs)
AC_INIT(src/tincd.c)
AM_INIT_AUTOMAKE(tinc, 1.0pre4-cvs)
+dnl Check and set OS
+
+AC_CANONICAL_HOST
+
+case $host_os in
+ *linux*)
+ AC_DEFINE(HAVE_LINUX)
+ ;;
+ *freebsd*)
+ AC_DEFINE(HAVE_FREEBSD)
+ ;;
+ *solaris*)
+ AC_DEFINE(HAVE_SOLARIS)
+ ;;
+esac
+
dnl Checks for libraries.
dnl Checks for header files.
dnl Checks for libraries.
dnl Checks for header files.
dnl Crypto stuff
tinc_OPENSSL
dnl Crypto stuff
tinc_OPENSSL
dnl Support for SunOS
AC_CHECK_FUNC(socket, [], [
dnl Support for SunOS
AC_CHECK_FUNC(socket, [], [
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.81 2000/11/24 23:13:02 guus Exp $
+ $Id: net.c,v 1.35.4.82 2000/11/25 13:33:30 guus Exp $
vpn_packet_t outpkt;
int outlen, outpad;
EVP_CIPHER_CTX ctx;
vpn_packet_t outpkt;
int outlen, outpad;
EVP_CIPHER_CTX ctx;
+ struct sockaddr_in to;
+ socklen_t tolen = sizeof(to);
cp
outpkt.len = inpkt->len;
cp
outpkt.len = inpkt->len;
total_socket_out += outlen;
total_socket_out += outlen;
- if((send(cl->socket, (char *) &(outpkt.len), outlen, 0)) < 0)
+ to.sin_family = AF_INET;
+ to.sin_addr.s_addr = htonl(cl->address);
+ to.sin_port = htons(cl->port);
+
+ if((sendto(myself->socket, (char *) &(outpkt.len), outlen, 0, (const struct sockaddr *)&to, tolen)) < 0)
{
syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
cl->name, cl->hostname);
{
syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
cl->name, cl->hostname);
/* FIXME - check for indirection and reprogram it The Right Way(tm) this time. */
/* FIXME - check for indirection and reprogram it The Right Way(tm) this time. */
- /* Connections are now opened beforehand...
-
- if(!cl->status.dataopen)
- if(setup_vpn_connection(cl) < 0)
- {
- syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"),
- cl->name, cl->hostname);
- return -1;
- }
- */
-
if(!cl->status.validkey)
{
/* FIXME: Don't queue until everything else is fixed.
if(!cl->status.validkey)
{
/* FIXME: Don't queue until everything else is fixed.
int nfd;
const char *tapfname;
config_t const *cfg;
int nfd;
const char *tapfname;
config_t const *cfg;
+#ifdef HAVE_LINUX
+ #ifdef HAVE_TUNTAP
#endif
cp
if((cfg = get_config_val(config, config_tapdevice)))
tapfname = cfg->data.ptr;
else
#endif
cp
if((cfg = get_config_val(config, config_tapdevice)))
tapfname = cfg->data.ptr;
else
-#ifdef HAVE_TUNTAP
- tapfname = "/dev/misc/net/tun";
-#else
- tapfname = "/dev/tap0";
+ {
+#ifdef HAVE_LINUX
+ #ifdef HAVE_TUNTAP
+ tapfname = "/dev/misc/net/tun";
+ #else
+ tapfname = "/dev/tap0";
+ #endif
+#endif
+#ifdef HAVE_FREEBSD
+ tapfname = "/dev/tap0";
+#ifdef HAVE_SOLARIS
+ tapfname = "/dev/tun";
+#endif
+ }
cp
if((nfd = open(tapfname, O_RDWR | O_NONBLOCK)) < 0)
{
cp
if((nfd = open(tapfname, O_RDWR | O_NONBLOCK)) < 0)
{
+ taptype = TAP_TYPE_ETHERTAP;
+
/* Set default MAC address for ethertap devices */
/* Set default MAC address for ethertap devices */
- taptype = TAP_TYPE_ETHERTAP;
mymac.type = SUBNET_MAC;
mymac.net.mac.address.x[0] = 0xfe;
mymac.net.mac.address.x[1] = 0xfd;
mymac.type = SUBNET_MAC;
mymac.net.mac.address.x[0] = 0xfe;
mymac.net.mac.address.x[1] = 0xfd;
mymac.net.mac.address.x[4] = 0x00;
mymac.net.mac.address.x[5] = 0x00;
mymac.net.mac.address.x[4] = 0x00;
mymac.net.mac.address.x[5] = 0x00;
+#ifdef HAVE_LINUX
+ #ifdef HAVE_TUNTAP
/* Ok now check if this is an old ethertap or a new tun/tap thingie */
memset(&ifr, 0, sizeof(ifr));
cp
/* Ok now check if this is an old ethertap or a new tun/tap thingie */
memset(&ifr, 0, sizeof(ifr));
cp
syslog(LOG_INFO, _("%s is a new style tun/tap device"), tapfname);
taptype = TAP_TYPE_TUNTAP;
}
syslog(LOG_INFO, _("%s is a new style tun/tap device"), tapfname);
taptype = TAP_TYPE_TUNTAP;
}
+ #endif
+#endif
+#ifdef HAVE_FREEBSD
+ taptype = TAP_TYPE_TUNTAP;
- setup an outgoing connection. It's not
- necessary to also open an udp socket as
- well, because the other host will initiate
- an authentication sequence during which
- we will do just that.
+ Setup an outgoing meta connection.
*/
int setup_outgoing_connection(char *name)
{
*/
int setup_outgoing_connection(char *name)
{
if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
{
if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
{
- syslog(LOG_ERR, _("Unable to set up a listening socket!"));
+ syslog(LOG_ERR, _("Unable to set up a listening TCP socket!"));
+ return -1;
+ }
+
+ if((myself->socket = setup_vpn_in_socket(myself->port)) < 0)
+ {
+ syslog(LOG_ERR, _("Unable to set up a listening UDP socket!"));
/*
create a data (udp) socket
/*
create a data (udp) socket
+ OBSOLETED: use only one listening socket for compatibility with non-Linux operating systems
*/
int setup_vpn_connection(connection_t *cl)
{
*/
int setup_vpn_connection(connection_t *cl)
{
+ FD_SET(myself->socket, fs);
+
RBL_FOREACH(connection_tree, rbl)
{
p = (connection_t *)rbl->data;
if(p->status.meta)
FD_SET(p->meta_socket, fs);
RBL_FOREACH(connection_tree, rbl)
{
p = (connection_t *)rbl->data;
if(p->status.meta)
FD_SET(p->meta_socket, fs);
- if(p->status.dataopen)
- FD_SET(p->socket, fs);
}
FD_SET(myself->meta_socket, fs);
}
FD_SET(myself->meta_socket, fs);
udp socket and write it to the ethertap
device after being decrypted
*/
udp socket and write it to the ethertap
device after being decrypted
*/
-int handle_incoming_vpn_data(connection_t *cl)
+int handle_incoming_vpn_data(void)
{
vpn_packet_t pkt;
int x, l = sizeof(x);
int lenin;
{
vpn_packet_t pkt;
int x, l = sizeof(x);
int lenin;
+ struct sockaddr_in from;
+ socklen_t fromlen = sizeof(from);
+ connection_t *cl;
- if(getsockopt(cl->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
+ if(getsockopt(myself->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
{
syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m"),
{
syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m"),
- __FILE__, __LINE__, cl->socket);
+ __FILE__, __LINE__, myself->socket);
- if((lenin = recv(cl->socket, (char *) &(pkt.len), MTU, 0)) <= 0)
+ if((lenin = recvfrom(myself->socket, (char *) &(pkt.len), MTU, 0, (struct sockaddr *)&from, &fromlen)) <= 0)
{
syslog(LOG_ERR, _("Receiving packet failed: %m"));
return -1;
}
{
syslog(LOG_ERR, _("Receiving packet failed: %m"));
return -1;
}
+ cl = lookup_connection(ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
+
+ if(!cl)
+ {
+ syslog(LOG_WARNING, _("Received UDP packets on port %d from unknown source %lx:%d"), ntohl(from.sin_addr.s_addr), ntohs(from.sin_port));
+ return 0;
+ }
+
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), lenin,
if(debug_lvl >= DEBUG_TRAFFIC)
{
syslog(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), lenin,
connection_t *p;
rbl_t *rbl;
cp
connection_t *p;
rbl_t *rbl;
cp
+ if(FD_ISSET(myself->socket, f))
+ handle_incoming_vpn_data();
+
RBL_FOREACH(connection_tree, rbl)
{
p = (connection_t *)rbl->data;
RBL_FOREACH(connection_tree, rbl)
{
p = (connection_t *)rbl->data;
if(p->status.remove)
return;
if(p->status.remove)
return;
- if(p->status.dataopen)
- if(FD_ISSET(p->socket, f))
- {
- handle_incoming_vpn_data(p);
-
- /* Old error stuff (FIXME: copy this to handle_incoming_vpn_data()
-
- getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l);
- syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"),
- p->name, p->hostname, strerror(x));
- terminate_connection(p);
- */
- return;
- }
-
if(p->status.meta)
if(FD_ISSET(p->meta_socket, f))
if(receive_meta(p) < 0)
if(p->status.meta)
if(FD_ISSET(p->meta_socket, f))
if(receive_meta(p) < 0)
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: process.c,v 1.1.2.14 2000/11/24 23:13:05 guus Exp $
+ $Id: process.c,v 1.1.2.15 2000/11/25 13:33:33 guus Exp $
+ /* First check if we can open a fresh new pidfile */
+
if(write_pidfile())
return -1;
if(write_pidfile())
return -1;
+ /* If we succeeded in doing that, detach */
+
- if(daemon(0, 0) < 0)
- return -1;
+ {
+ if(daemon(0, 0) < 0)
+ return -1;
+
+ /* Now UPDATE the pid in the pidfile, because we changed it... */
+
+ if(!write_pid(pidfilename))
+ return 1;
+ }
openlog(identname, LOG_CONS | LOG_PID, LOG_DAEMON);
openlog(identname, LOG_CONS | LOG_PID, LOG_DAEMON);
void _execute_script(const char *name) __attribute__ ((noreturn));
void _execute_script(const char *name)
{
void _execute_script(const char *name) __attribute__ ((noreturn));
void _execute_script(const char *name)
{
char *scriptname;
char *s;
char *scriptname;
char *s;
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol.c,v 1.28.4.66 2000/11/22 22:05:37 guus Exp $
+ $Id: protocol.c,v 1.28.4.67 2000/11/25 13:33:33 guus Exp $
if(cl->status.outgoing)
cl->allow_request = ACK;
if(cl->status.outgoing)
cl->allow_request = ACK;
- setup_vpn_connection(cl);
-
x = send_request(cl, "%d", ACK);
cl->status.encryptout = 1;
cp
x = send_request(cl, "%d", ACK);
cl->status.encryptout = 1;
cp
new->status.active = 1;
new->cipher_pkttype = EVP_bf_cfb();
new->cipher_pktkeylength = cl->cipher_pkttype->key_len + cl->cipher_pkttype->iv_len;
new->status.active = 1;
new->cipher_pkttype = EVP_bf_cfb();
new->cipher_pktkeylength = cl->cipher_pkttype->key_len + cl->cipher_pkttype->iv_len;
-
- /* Okay this is a bit ugly... it would be better to setup UDP sockets dynamically, or
- * perhaps just one UDP socket... but then again, this has benefits too...
- */
-
- setup_vpn_connection(new);
projects / tinc / commitdiff