Preload all Subnets in TunnelServer mode.

This simplifies the logic in protocol_subnet.c.

diff --git a/src/connection.c b/src/connection.c
index 9a26ec9..6229e79 100644 (file)
--- a/src/connection.c
+++ b/src/connection.c
@@ -130,11 +130,11 @@ void dump_connections(void) {
 
 bool read_connection_config(connection_t *c) {
        char *fname;
 
 bool read_connection_config(connection_t *c) {
        char *fname;

-       int x;
+       bool x;

 
        xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
        x = read_config_file(c->config_tree, fname);
        free(fname);
 
 
        xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
        x = read_config_file(c->config_tree, fname);
        free(fname);
 

-       return x == 0;
+       return x;

 }
 }

diff --git a/src/net_setup.c b/src/net_setup.c
index 6360c59..cad84cc 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -201,6 +201,65 @@ bool read_rsa_private_key(void) {
        return true;
 }
 
        return true;
 }
 

+/*
+  Read Subnets from all host config files
+*/
+static void load_all_subnets(void) {
+       DIR *dir;
+       struct dirent *ent;
+       char *dname;
+       char *fname;
+       avl_tree_t *config_tree;
+       config_t *cfg;
+       subnet_t *s;
+       node_t *n;
+       bool result;
+
+       xasprintf(&dname, "%s/hosts", confbase);
+       dir = opendir(dname);
+       if(!dir) {
+               logger(LOG_ERR, "Could not open %s: %s", dname, strerror(errno));
+               free(dname);
+               return;
+       }
+
+       while((ent = readdir(dir))) {
+               if(!check_id(ent->d_name))
+                       continue;
+
+               n = lookup_node(ent->d_name);
+               if(n)
+                       continue;
+
+               #ifdef _DIRENT_HAVE_D_TYPE
+               //if(ent->d_type != DT_REG)
+               //      continue;
+               #endif
+
+               xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
+               init_configuration(&config_tree);
+               result = read_config_file(config_tree, fname);
+               free(fname);
+               if(!result)
+                       continue;
+
+               n = new_node();
+               n->name = xstrdup(ent->d_name);
+               node_add(n);
+
+               for(cfg = lookup_config(config_tree, "Subnet"); cfg; cfg = lookup_config_next(config_tree, cfg)) {
+                       if(!get_config_subnet(cfg, &s))
+                               continue;
+
+                       subnet_add(n, s);
+               }
+
+               exit_configuration(&config_tree);
+       }
+
+       closedir(dir);
+}
+

 /*
   Configure node_t myself and set up the local sockets (listen only)
 */
 /*
   Configure node_t myself and set up the local sockets (listen only)
 */


@@ -426,6 +485,9 @@ bool setup_myself(void) {
 
        graph();
 
 
        graph();
 

+       if(tunnelserver)
+               load_all_subnets();
+

        /* Open device */
 
        if(!setup_device())
        /* Open device */
 
        if(!setup_device())

diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c
index ba75c89..7098e2a 100644 (file)
--- a/src/protocol_subnet.c
+++ b/src/protocol_subnet.c
@@ -104,29 +104,12 @@ bool add_subnet_h(connection_t *c) {
                return true;
        }
 
                return true;
        }
 

-       /* In tunnel server mode, check if the subnet matches one in the config file of this node */
+       /* In tunnel server mode, we should already know all allowed subnets */

 
        if(tunnelserver) {
 
        if(tunnelserver) {

-               config_t *cfg;
-               subnet_t *allowed;
-
-               for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
-                       if(!get_config_subnet(cfg, &allowed))
-                               continue;
-
-                       if(!subnet_compare(&s, allowed))
-                               break;
-
-                       free_subnet(allowed);
-               }
-
-               if(!cfg) {
-                       logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
-                                       "ADD_SUBNET", c->name, c->hostname, subnetstr);
-                       return true;
-               }
-
-               free_subnet(allowed);
+               logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
+                               "ADD_SUBNET", c->name, c->hostname, subnetstr);
+               return true;

        }
 
        /* If everything is correct, add the subnet to the list of the owner */
        }
 
        /* If everything is correct, add the subnet to the list of the owner */


@@ -139,8 +122,7 @@ bool add_subnet_h(connection_t *c) {
 
        /* Tell the rest */
 
 
        /* Tell the rest */
 

-       if(!tunnelserver)
-               forward_request(c);
+       forward_request(c);

 
        /* Fast handoff of roaming MAC addresses */
 
 
        /* Fast handoff of roaming MAC addresses */
 


@@ -228,10 +210,12 @@ bool del_subnet_h(connection_t *c) {
                return true;
        }
 
                return true;
        }
 

+       if(tunnelserver)
+               return true;
+

        /* Tell the rest */
 
        /* Tell the rest */
 

-       if(!tunnelserver)
-               forward_request(c);
+       forward_request(c);

 
        /* Finally, delete it. */
 
 
        /* Finally, delete it. */