From 069c146656b8f952e465492c53ab5b514e959565 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Mon, 1 May 2000 22:00:02 +0000 Subject: [PATCH 01/16] Mentioned new metaprotocol. --- NEWS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 439f9d97..848ce439 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,6 @@ -version 1.0 Apr x 2000 - * The fix that was in 0.3.3 appeared to be wrong. Fixed now. +version 1.0pre1 May x 2000 + * New meta-protocol + * Various other bugfixes * Documentation updates version 0.3.3 Feb 9 2000 -- 2.20.1 From 989d7edc07fd407e7f7838b45986f4e37359ef97 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 2 May 2000 09:10:33 +0000 Subject: [PATCH 02/16] Fixed small mistake that would prevent forwarding requests. --- src/net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/net.c b/src/net.c index 7ee41b82..69616b48 100644 --- a/src/net.c +++ b/src/net.c @@ -962,8 +962,8 @@ cp { if(cl->buffer[i] == '\n') { - cl->buffer[i] = 0; /* turn end-of-line into end-of-string */ p = i + 1; + cl->buffer[p] = 0; /* add end-of-string so we can use sscanf */ break; } } -- 2.20.1 From aeccaca829842910b4a5c8a5fa61e1738492bea6 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 2 May 2000 09:55:34 +0000 Subject: [PATCH 03/16] Previous fix fixed. Meta protocol should be really flawless from now on! --- src/net.c | 12 ++++++------ src/net.h | 1 + src/protocol.c | 8 ++++++-- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/net.c b/src/net.c index 69616b48..ebcaeb36 100644 --- a/src/net.c +++ b/src/net.c @@ -956,19 +956,19 @@ cp for(;;) { - p=0; + cl->reqlen = 0; for(i = oldlen; i < cl->buflen; i++) { if(cl->buffer[i] == '\n') { - p = i + 1; - cl->buffer[p] = 0; /* add end-of-string so we can use sscanf */ + cl->buffer[i] = 0; /* replace end-of-line by end-of-string so we can use sscanf */ + cl->reqlen = i + 1; break; } } - if(p) + if(cl->reqlen) { if(sscanf(cl->buffer, "%d", &request) == 1) { @@ -988,8 +988,8 @@ cp syslog(LOG_ERR, "Bogus data received: %s", cl->buffer); } - cl->buflen -= p; - memmove(cl->buffer, cl->buffer + p, cl->buflen); + cl->buflen -= cl->reqlen; + memmove(cl->buffer, cl->buffer + cl->reqlen, cl->buflen); oldlen = 0; } else diff --git a/src/net.h b/src/net.h index 27a16cf8..dffc7cb1 100644 --- a/src/net.h +++ b/src/net.h @@ -114,6 +114,7 @@ typedef struct conn_list_t { enc_key_t *key; /* encrypt with this key */ char buffer[MAXBUFSIZE]; /* metadata input buffer */ int buflen; /* bytes read into buffer */ + int reqlen; /* length of first request in buffer */ struct conn_list_t *nexthop; /* nearest meta-hop in this direction */ struct conn_list_t *next; /* after all, it's a list of connections */ } conn_list_t; diff --git a/src/protocol.c b/src/protocol.c index 0a27692e..c6b6fec6 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -616,7 +616,9 @@ cp syslog(LOG_DEBUG, "Forwarding request for public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - if(write(fw->nexthop->meta_socket, cl->buffer, strlen(cl->buffer)) < 0) + cl->buffer[cl->reqlen-1] = '\n'; + + if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0) { syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__); return -1; @@ -711,7 +713,9 @@ cp syslog(LOG_DEBUG, "Forwarding public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - if((write(fw->nexthop->meta_socket, cl->buffer, strlen(cl->buffer))) < 0) + cl->buffer[cl->reqlen-1] = '\n'; + + if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0) { syslog(LOG_ERR, "send failed: %s:%d: %m", __FILE__, __LINE__); return -1; -- 2.20.1 From 89610e3fbada1dee79769b8146a500c8357fd81d Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 2 May 2000 10:16:50 +0000 Subject: [PATCH 04/16] Replaced sprintf() by safer snprintf(), removed possible buffer overflow by one byte. --- src/net.h | 2 +- src/protocol.c | 28 ++++++++++++++-------------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/src/net.h b/src/net.h index dffc7cb1..830fe43a 100644 --- a/src/net.h +++ b/src/net.h @@ -112,7 +112,7 @@ typedef struct conn_list_t { valid key to be decrypted with) */ enc_key_t *public_key; /* the other party's public key */ enc_key_t *key; /* encrypt with this key */ - char buffer[MAXBUFSIZE]; /* metadata input buffer */ + char buffer[MAXBUFSIZE+1]; /* metadata input buffer */ int buflen; /* bytes read into buffer */ int reqlen; /* length of first request in buffer */ struct conn_list_t *nexthop; /* nearest meta-hop in this direction */ diff --git a/src/protocol.c b/src/protocol.c index c6b6fec6..da35a96f 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -35,7 +35,7 @@ #include "netutl.h" #include "protocol.h" -char buffer[MAXBUFSIZE]; +char buffer[MAXBUFSIZE+1]; int buflen; int send_ack(conn_list_t *cl) @@ -44,7 +44,7 @@ cp if(debug_lvl > 2) syslog(LOG_DEBUG, "Send ACK to %s", cl->hostname); - buflen = sprintf(buffer, "%d\n", ACK); + buflen = snprintf(buffer, MAXBUFLEN, "%d\n", ACK); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -64,7 +64,7 @@ cp syslog(LOG_DEBUG, "Send TERMREQ to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %lx\n", TERMREQ, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", TERMREQ, myself->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -82,7 +82,7 @@ cp syslog(LOG_DEBUG, "Send TIMEOUT to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -100,7 +100,7 @@ cp syslog(LOG_DEBUG, "Sending delete host " IP_ADDR_S " to " IP_ADDR_S, IP_ADDR_V(new_host->vpn_ip), IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %lx\n", DEL_HOST, new_host->vpn_ip); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", DEL_HOST, new_host->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -117,7 +117,7 @@ cp if(debug_lvl > 3) syslog(LOG_DEBUG, "pinging " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d\n", PING); + buflen = snprintf(buffer, MAXBUFLEN, "%d\n", PING); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -131,7 +131,7 @@ cp int send_pong(conn_list_t *cl) { cp - buflen = sprintf(buffer, "%d\n", PONG); + buflen = snprintf(buffer, MAXBUFLEN, "%d\n", PONG); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -149,7 +149,7 @@ cp syslog(LOG_DEBUG, "Sending add host to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %lx %lx/%lx:%x\n", ADD_HOST, new_host->real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx/%lx:%x\n", ADD_HOST, new_host->real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -167,7 +167,7 @@ cp syslog(LOG_DEBUG, "Sending KEY_CHANGED to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %lx\n", KEY_CHANGED, src->vpn_ip); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", KEY_CHANGED, src->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -195,7 +195,7 @@ cp syslog(LOG_DEBUG, "Send BASIC_INFO to " IP_ADDR_S, IP_ADDR_V(cl->real_ip)); - buflen = sprintf(buffer, "%d %d %lx/%lx:%x\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port); + buflen = snprintf(buffer, MAXBUFLEN, "%d %d %lx/%lx:%x\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -234,7 +234,7 @@ cp syslog(LOG_DEBUG, "Send PUBLIC_KEY %s to " IP_ADDR_S, my_public_key_base36, IP_ADDR_V(cl->vpn_ip)); - buflen = sprintf(buffer, "%d %s\n", PUBLIC_KEY, my_public_key_base36); + buflen = snprintf(buffer, MAXBUFLEN, "%d %s\n", PUBLIC_KEY, my_public_key_base36); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -248,7 +248,7 @@ cp int send_calculate(conn_list_t *cl, char *k) { cp - buflen = sprintf(buffer, "%d %s\n", CALCULATE, k); + buflen = snprintf(buffer, MAXBUFLEN, "%d %s\n", CALCULATE, k); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -275,7 +275,7 @@ cp syslog(LOG_DEBUG, "Sending out request for public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - buflen = sprintf(buffer, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip); if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0) { @@ -305,7 +305,7 @@ cp syslog(LOG_DEBUG, "Sending public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - buflen = sprintf(buffer, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36); + buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36); if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0) { -- 2.20.1 From 2bc7a0c92831802eec167ad193515962a63690dd Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Wed, 3 May 2000 15:01:54 +0000 Subject: [PATCH 05/16] Fix a typo, better handling of the info document. (from Mads Kiilerich) --- redhat/tinc | 2 +- redhat/tinc.spec | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/redhat/tinc b/redhat/tinc index b9ce1f1c..e2a75439 100644 --- a/redhat/tinc +++ b/redhat/tinc @@ -207,7 +207,7 @@ case "$1" in vpn_stop $vpn && action "" /bin/true done - rm -f /var/lock/susbsys/tinc + rm -f /var/lock/subsys/tinc ;; status) diff --git a/redhat/tinc.spec b/redhat/tinc.spec index 24bdde48..ffb6aa9f 100644 --- a/redhat/tinc.spec +++ b/redhat/tinc.spec @@ -93,17 +93,17 @@ grep -q '^alias tap0' /etc/conf.modules || cat >> /etc/conf.modules << END alias tap0 ethertap alias char-major-36 netlink_dev END -/sbin/install-info /usr/info/tinc.info.gz /usr/info/dir --entry="* tinc: (tinc). The tinc Manual." +/sbin/install-info /usr/info/tinc.info.gz /usr/info/dir %preun -/sbin/install-info --delete /usr/info/tinc.info.gz /usr/info/dir --entry="* tinc: (tinc). The tinc Manual." +/sbin/install-info --delete /usr/info/tinc.info.gz /usr/info/dir %postun %files %doc AUTHORS ChangeLog NEWS README THANKS *.html doc/tinc.conf.sample %config /etc/tinc/ -/etc/rc.d/init.d/tinc +%attr(0755,root,root) /etc/rc.d/init.d/tinc /usr/sbin/genauth /usr/sbin/tincd /usr/lib/tinc/ -- 2.20.1 From 505b5ec2cd9d6cf3dc655284a8c4041ce8527a07 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Wed, 3 May 2000 15:37:32 +0000 Subject: [PATCH 06/16] Outgoing packets now use network byte order in header. --- src/net.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/net.c b/src/net.c index ebcaeb36..83824df7 100644 --- a/src/net.c +++ b/src/net.c @@ -93,12 +93,14 @@ int xsend(conn_list_t *cl, void *packet) real_packet_t rp; cp do_encrypt((vpn_packet_t*)packet, &rp, cl->key); - rp.from = myself->vpn_ip; + rp.from = htonl(myself->vpn_ip); + rp.data->len = htons(rp.data->len); + rp.len = htons(rp.data->len); if(debug_lvl > 3) - syslog(LOG_ERR, "Sent %d bytes to %lx", rp.len, cl->vpn_ip); + syslog(LOG_ERR, "Sent %d bytes to %lx", ntohs(rp.len), cl->vpn_ip); - if((r = send(cl->socket, (char*)&rp, rp.len, 0)) < 0) + if((r = send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0) { syslog(LOG_ERR, "Error sending data: %m"); return -1; @@ -114,6 +116,10 @@ int xrecv(conn_list_t *cl, void *packet) vpn_packet_t vp; int lenin; cp + packet->data->len = ntohs(packet->data->len); + packet->len = ntohs(packet->len); + packet->from = ntohl(packet->from); + do_decrypt((real_packet_t*)packet, &vp, cl->key); add_mac_addresses(&vp); -- 2.20.1 From 78532475238b23eb52ac88d905fbf966d97a79d2 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Wed, 3 May 2000 17:59:07 +0000 Subject: [PATCH 07/16] Fixes typo and UDP network byte order. --- src/net.c | 17 +++++++++-------- src/protocol.c | 26 +++++++++++++------------- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/src/net.c b/src/net.c index 83824df7..b3474c37 100644 --- a/src/net.c +++ b/src/net.c @@ -94,8 +94,8 @@ int xsend(conn_list_t *cl, void *packet) cp do_encrypt((vpn_packet_t*)packet, &rp, cl->key); rp.from = htonl(myself->vpn_ip); - rp.data->len = htons(rp.data->len); - rp.len = htons(rp.data->len); + rp.data.len = htons(rp.data.len); + rp.len = htons(rp.len); if(debug_lvl > 3) syslog(LOG_ERR, "Sent %d bytes to %lx", ntohs(rp.len), cl->vpn_ip); @@ -111,15 +111,11 @@ cp return 0; } -int xrecv(conn_list_t *cl, void *packet) +int xrecv(conn_list_t *cl, real_packet_t *packet) { vpn_packet_t vp; int lenin; cp - packet->data->len = ntohs(packet->data->len); - packet->len = ntohs(packet->len); - packet->from = ntohl(packet->from); - do_decrypt((real_packet_t*)packet, &vp, cl->key); add_mac_addresses(&vp); @@ -777,6 +773,11 @@ cp return -1; } total_socket_in += lenin; + + rp.data.len = ntohs(rp.data.len); + rp.len = ntohs(rp.len); + rp.from = ntohl(rp.from); + if(rp.len >= 0) { f = lookup_conn(rp.from); @@ -929,7 +930,7 @@ cp int handle_incoming_meta_data(conn_list_t *cl) { int x, l = sizeof(x); - int request, oldlen, p, i; + int request, oldlen, i; int lenin = 0; cp if(getsockopt(cl->meta_socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0) diff --git a/src/protocol.c b/src/protocol.c index da35a96f..b5305e8f 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -44,7 +44,7 @@ cp if(debug_lvl > 2) syslog(LOG_DEBUG, "Send ACK to %s", cl->hostname); - buflen = snprintf(buffer, MAXBUFLEN, "%d\n", ACK); + buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -64,7 +64,7 @@ cp syslog(LOG_DEBUG, "Send TERMREQ to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", TERMREQ, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -82,7 +82,7 @@ cp syslog(LOG_DEBUG, "Send TIMEOUT to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -100,7 +100,7 @@ cp syslog(LOG_DEBUG, "Sending delete host " IP_ADDR_S " to " IP_ADDR_S, IP_ADDR_V(new_host->vpn_ip), IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", DEL_HOST, new_host->vpn_ip); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -117,7 +117,7 @@ cp if(debug_lvl > 3) syslog(LOG_DEBUG, "pinging " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d\n", PING); + buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -131,7 +131,7 @@ cp int send_pong(conn_list_t *cl) { cp - buflen = snprintf(buffer, MAXBUFLEN, "%d\n", PONG); + buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -149,7 +149,7 @@ cp syslog(LOG_DEBUG, "Sending add host to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx/%lx:%x\n", ADD_HOST, new_host->real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x\n", ADD_HOST, new_host->real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -167,7 +167,7 @@ cp syslog(LOG_DEBUG, "Sending KEY_CHANGED to " IP_ADDR_S, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx\n", KEY_CHANGED, src->vpn_ip); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -195,7 +195,7 @@ cp syslog(LOG_DEBUG, "Send BASIC_INFO to " IP_ADDR_S, IP_ADDR_V(cl->real_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %d %lx/%lx:%x\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -234,7 +234,7 @@ cp syslog(LOG_DEBUG, "Send PUBLIC_KEY %s to " IP_ADDR_S, my_public_key_base36, IP_ADDR_V(cl->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %s\n", PUBLIC_KEY, my_public_key_base36); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -248,7 +248,7 @@ cp int send_calculate(conn_list_t *cl, char *k) { cp - buflen = snprintf(buffer, MAXBUFLEN, "%d %s\n", CALCULATE, k); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k); if((write(cl->meta_socket, buffer, buflen)) < 0) { @@ -275,7 +275,7 @@ cp syslog(LOG_DEBUG, "Sending out request for public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip); if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0) { @@ -305,7 +305,7 @@ cp syslog(LOG_DEBUG, "Sending public key to " IP_ADDR_S, IP_ADDR_V(fw->nexthop->vpn_ip)); - buflen = snprintf(buffer, MAXBUFLEN, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36); + buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36); if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0) { -- 2.20.1 From a083b1cf305f3d241f2f4b36968a5b1ed9117612 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Wed, 3 May 2000 18:02:15 +0000 Subject: [PATCH 08/16] Squashed gcc warning. --- src/net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/net.c b/src/net.c index b3474c37..7b9133e0 100644 --- a/src/net.c +++ b/src/net.c @@ -111,7 +111,7 @@ cp return 0; } -int xrecv(conn_list_t *cl, real_packet_t *packet) +int xrecv(conn_list_t *cl, void *packet) { vpn_packet_t vp; int lenin; -- 2.20.1 From 3d218a31145cf6a4c625ed287cdf3f99e4fd9a03 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Wed, 3 May 2000 23:00:38 +0000 Subject: [PATCH 09/16] Don't use error.h or error(), put #error in front of cpp errors. --- lib/xmalloc.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/lib/xmalloc.c b/lib/xmalloc.c index 6cb0b82b..ce1888d8 100644 --- a/lib/xmalloc.c +++ b/lib/xmalloc.c @@ -39,7 +39,6 @@ void free (); #endif #define N_(Text) Text -#include "error.h" #include "xalloc.h" #ifndef EXIT_FAILURE @@ -54,11 +53,11 @@ void *xrealloc (void *p, size_t n); #endif #ifndef HAVE_DONE_WORKING_MALLOC_CHECK -you must run the autoconf test for a properly working malloc -- see malloc.m4 +#error you must run the autoconf test for a properly working malloc -- see malloc.m4 #endif #ifndef HAVE_DONE_WORKING_REALLOC_CHECK -you must run the autoconf test for a properly working realloc -- see realloc.m4 +#error you must run the autoconf test for a properly working realloc -- see realloc.m4 #endif /* Exit value when the requested amount of memory is not available. @@ -71,18 +70,13 @@ char *const xalloc_msg_memory_exhausted = N_("Memory exhausted"); /* FIXME: describe */ void (*xalloc_fail_func) (int) = 0; -#if __STDC__ && (HAVE_VPRINTF || HAVE_DOPRNT) -void error (int, int, const char *, ...); -#else -void error (); -#endif - static void xalloc_fail (int size) { if (xalloc_fail_func) (*xalloc_fail_func) (size); - error (xalloc_exit_failure, 0, xalloc_msg_memory_exhausted); + fprintf(stderr, "%s\n", xalloc_msg_memory_exhausted); + exit(xalloc_exit_failure); } /* Allocate N bytes of memory dynamically, with error checking. */ -- 2.20.1 From 88a8826cf72297a784d597ba5a2b47058e1faf72 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Wed, 3 May 2000 23:47:06 +0000 Subject: [PATCH 10/16] getopt_long() support for platforms that don't have it. --- lib/Makefile.am | 4 +- lib/getopt.c | 1053 +++++++++++++++++++++++++++++++++++++++++++++++ lib/getopt.h | 133 ++++++ lib/getopt1.c | 189 +++++++++ 4 files changed, 1377 insertions(+), 2 deletions(-) create mode 100644 lib/getopt.c create mode 100644 lib/getopt.h create mode 100644 lib/getopt1.c diff --git a/lib/Makefile.am b/lib/Makefile.am index 7af26e9b..68312785 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -4,11 +4,11 @@ noinst_LIBRARIES = libvpn.a INCLUDES = -I. -I$(top_builddir) -libvpn_a_SOURCES = xmalloc.c pidfile.c utils.c +libvpn_a_SOURCES = xmalloc.c pidfile.c utils.c getopt.c getopt1.c libvpn_a_LIBADD = @LIBOBJS@ @ALLOCA@ libvpn_a_DEPENDENCIES = $(libvpn_a_LIBADD) -noinst_HEADERS = xalloc.h pidfile.h utils.h +noinst_HEADERS = xalloc.h pidfile.h utils.h getopt.h EXTRA_DIST = README \ No newline at end of file diff --git a/lib/getopt.c b/lib/getopt.c new file mode 100644 index 00000000..300f86de --- /dev/null +++ b/lib/getopt.c @@ -0,0 +1,1053 @@ +/* Getopt for GNU. + NOTE: getopt is now part of the C library, so if you don't know what + "Keep this file name-space clean" means, talk to roland@gnu.ai.mit.edu + before changing it! + + Copyright (C) 1987, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97 + Free Software Foundation, Inc. + +NOTE: The canonical source of this file is maintained with the GNU C Library. +Bugs can be reported to bug-glibc@prep.ai.mit.edu. + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2, or (at your option) any +later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, +USA. */ + +/* This tells Alpha OSF/1 not to define a getopt prototype in . + Ditto for AIX 3.2 and . */ +#ifndef _NO_PROTO +#define _NO_PROTO +#endif + +#ifdef HAVE_CONFIG_H +#include +#endif + +#if !defined (__STDC__) || !__STDC__ +/* This is a separate conditional since some stdc systems + reject `defined (const)'. */ +#ifndef const +#define const +#endif +#endif + +#include + +/* Comment out all this code if we are using the GNU C Library, and are not + actually compiling the library itself. This code is part of the GNU C + Library, but also included in many other GNU distributions. Compiling + and linking in this code is a waste when using the GNU C library + (especially if it is a shared library). Rather than having every GNU + program understand `configure --with-gnu-libc' and omit the object files, + it is simpler to just do this in the source for each such file. */ + +#define GETOPT_INTERFACE_VERSION 2 +#if !defined (_LIBC) && defined (__GLIBC__) && __GLIBC__ >= 2 +#include +#if _GNU_GETOPT_INTERFACE_VERSION == GETOPT_INTERFACE_VERSION +#define ELIDE_CODE +#endif +#endif + +#ifndef ELIDE_CODE + + +/* This needs to come after some library #include + to get __GNU_LIBRARY__ defined. */ +#ifdef __GNU_LIBRARY__ +/* Don't include stdlib.h for non-GNU C libraries because some of them + contain conflicting prototypes for getopt. */ +#include +#include +#endif /* GNU C library. */ + +#ifdef VMS +#include +#if HAVE_STRING_H - 0 +#include +#endif +#endif + +#if defined (WIN32) && !defined (__CYGWIN32__) +/* It's not Unix, really. See? Capital letters. */ +#include +#define getpid() GetCurrentProcessId() +#endif + +#ifndef _ +/* This is for other GNU distributions with internationalized messages. + When compiling libc, the _ macro is predefined. */ +#ifdef HAVE_LIBINTL_H +# include +# define _(msgid) gettext (msgid) +#else +# define _(msgid) (msgid) +#endif +#endif + +/* This version of `getopt' appears to the caller like standard Unix `getopt' + but it behaves differently for the user, since it allows the user + to intersperse the options with the other arguments. + + As `getopt' works, it permutes the elements of ARGV so that, + when it is done, all the options precede everything else. Thus + all application programs are extended to handle flexible argument order. + + Setting the environment variable POSIXLY_CORRECT disables permutation. + Then the behavior is completely standard. + + GNU application programs can use a third alternative mode in which + they can distinguish the relative order of options and other arguments. */ + +#include "getopt.h" + +/* For communication from `getopt' to the caller. + When `getopt' finds an option that takes an argument, + the argument value is returned here. + Also, when `ordering' is RETURN_IN_ORDER, + each non-option ARGV-element is returned here. */ + +char *optarg = NULL; + +/* Index in ARGV of the next element to be scanned. + This is used for communication to and from the caller + and for communication between successive calls to `getopt'. + + On entry to `getopt', zero means this is the first call; initialize. + + When `getopt' returns -1, this is the index of the first of the + non-option elements that the caller should itself scan. + + Otherwise, `optind' communicates from one call to the next + how much of ARGV has been scanned so far. */ + +/* 1003.2 says this must be 1 before any call. */ +int optind = 1; + +/* Formerly, initialization of getopt depended on optind==0, which + causes problems with re-calling getopt as programs generally don't + know that. */ + +int __getopt_initialized = 0; + +/* The next char to be scanned in the option-element + in which the last option character we returned was found. + This allows us to pick up the scan where we left off. + + If this is zero, or a null string, it means resume the scan + by advancing to the next ARGV-element. */ + +static char *nextchar; + +/* Callers store zero here to inhibit the error message + for unrecognized options. */ + +int opterr = 1; + +/* Set to an option character which was unrecognized. + This must be initialized on some systems to avoid linking in the + system's own getopt implementation. */ + +int optopt = '?'; + +/* Describe how to deal with options that follow non-option ARGV-elements. + + If the caller did not specify anything, + the default is REQUIRE_ORDER if the environment variable + POSIXLY_CORRECT is defined, PERMUTE otherwise. + + REQUIRE_ORDER means don't recognize them as options; + stop option processing when the first non-option is seen. + This is what Unix does. + This mode of operation is selected by either setting the environment + variable POSIXLY_CORRECT, or using `+' as the first character + of the list of option characters. + + PERMUTE is the default. We permute the contents of ARGV as we scan, + so that eventually all the non-options are at the end. This allows options + to be given in any order, even with programs that were not written to + expect this. + + RETURN_IN_ORDER is an option available to programs that were written + to expect options and other ARGV-elements in any order and that care about + the ordering of the two. We describe each non-option ARGV-element + as if it were the argument of an option with character code 1. + Using `-' as the first character of the list of option characters + selects this mode of operation. + + The special argument `--' forces an end of option-scanning regardless + of the value of `ordering'. In the case of RETURN_IN_ORDER, only + `--' can cause `getopt' to return -1 with `optind' != ARGC. */ + +static enum +{ + REQUIRE_ORDER, PERMUTE, RETURN_IN_ORDER +} ordering; + +/* Value of POSIXLY_CORRECT environment variable. */ +static char *posixly_correct; + +#ifdef __GNU_LIBRARY__ +/* We want to avoid inclusion of string.h with non-GNU libraries + because there are many ways it can cause trouble. + On some systems, it contains special magic macros that don't work + in GCC. */ +#include +#define my_index strchr +#else + +/* Avoid depending on library functions or files + whose names are inconsistent. */ + +char *getenv (); + +static char * +my_index (str, chr) + const char *str; + int chr; +{ + while (*str) + { + if (*str == chr) + return (char *) str; + str++; + } + return 0; +} + +/* If using GCC, we can safely declare strlen this way. + If not using GCC, it is ok not to declare it. */ +#ifdef __GNUC__ +/* Note that Motorola Delta 68k R3V7 comes with GCC but not stddef.h. + That was relevant to code that was here before. */ +#if !defined (__STDC__) || !__STDC__ +/* gcc with -traditional declares the built-in strlen to return int, + and has done so at least since version 2.4.5. -- rms. */ +extern int strlen (const char *); +#endif /* not __STDC__ */ +#endif /* __GNUC__ */ + +#endif /* not __GNU_LIBRARY__ */ + +/* Handle permutation of arguments. */ + +/* Describe the part of ARGV that contains non-options that have + been skipped. `first_nonopt' is the index in ARGV of the first of them; + `last_nonopt' is the index after the last of them. */ + +static int first_nonopt; +static int last_nonopt; + +#ifdef _LIBC +/* Bash 2.0 gives us an environment variable containing flags + indicating ARGV elements that should not be considered arguments. */ + +/* Defined in getopt_init.c */ +extern char *__getopt_nonoption_flags; + +static int nonoption_flags_max_len; +static int nonoption_flags_len; + +static int original_argc; +static char *const *original_argv; + +extern pid_t __libc_pid; + +/* Make sure the environment variable bash 2.0 puts in the environment + is valid for the getopt call we must make sure that the ARGV passed + to getopt is that one passed to the process. */ +static void +__attribute__ ((unused)) +store_args_and_env (int argc, char *const *argv) +{ + /* XXX This is no good solution. We should rather copy the args so + that we can compare them later. But we must not use malloc(3). */ + original_argc = argc; + original_argv = argv; +} +text_set_element (__libc_subinit, store_args_and_env); + +# define SWAP_FLAGS(ch1, ch2) \ + if (nonoption_flags_len > 0) \ + { \ + char __tmp = __getopt_nonoption_flags[ch1]; \ + __getopt_nonoption_flags[ch1] = __getopt_nonoption_flags[ch2]; \ + __getopt_nonoption_flags[ch2] = __tmp; \ + } +#else /* !_LIBC */ +# define SWAP_FLAGS(ch1, ch2) +#endif /* _LIBC */ + +/* Exchange two adjacent subsequences of ARGV. + One subsequence is elements [first_nonopt,last_nonopt) + which contains all the non-options that have been skipped so far. + The other is elements [last_nonopt,optind), which contains all + the options processed since those non-options were skipped. + + `first_nonopt' and `last_nonopt' are relocated so that they describe + the new indices of the non-options in ARGV after they are moved. */ + +#if defined (__STDC__) && __STDC__ +static void exchange (char **); +#endif + +static void +exchange (argv) + char **argv; +{ + int bottom = first_nonopt; + int middle = last_nonopt; + int top = optind; + char *tem; + + /* Exchange the shorter segment with the far end of the longer segment. + That puts the shorter segment into the right place. + It leaves the longer segment in the right place overall, + but it consists of two parts that need to be swapped next. */ + +#ifdef _LIBC + /* First make sure the handling of the `__getopt_nonoption_flags' + string can work normally. Our top argument must be in the range + of the string. */ + if (nonoption_flags_len > 0 && top >= nonoption_flags_max_len) + { + /* We must extend the array. The user plays games with us and + presents new arguments. */ + char *new_str = malloc (top + 1); + if (new_str == NULL) + nonoption_flags_len = nonoption_flags_max_len = 0; + else + { + memcpy (new_str, __getopt_nonoption_flags, nonoption_flags_max_len); + memset (&new_str[nonoption_flags_max_len], '\0', + top + 1 - nonoption_flags_max_len); + nonoption_flags_max_len = top + 1; + __getopt_nonoption_flags = new_str; + } + } +#endif + + while (top > middle && middle > bottom) + { + if (top - middle > middle - bottom) + { + /* Bottom segment is the short one. */ + int len = middle - bottom; + register int i; + + /* Swap it with the top part of the top segment. */ + for (i = 0; i < len; i++) + { + tem = argv[bottom + i]; + argv[bottom + i] = argv[top - (middle - bottom) + i]; + argv[top - (middle - bottom) + i] = tem; + SWAP_FLAGS (bottom + i, top - (middle - bottom) + i); + } + /* Exclude the moved bottom segment from further swapping. */ + top -= len; + } + else + { + /* Top segment is the short one. */ + int len = top - middle; + register int i; + + /* Swap it with the bottom part of the bottom segment. */ + for (i = 0; i < len; i++) + { + tem = argv[bottom + i]; + argv[bottom + i] = argv[middle + i]; + argv[middle + i] = tem; + SWAP_FLAGS (bottom + i, middle + i); + } + /* Exclude the moved top segment from further swapping. */ + bottom += len; + } + } + + /* Update records for the slots the non-options now occupy. */ + + first_nonopt += (optind - last_nonopt); + last_nonopt = optind; +} + +/* Initialize the internal data when the first call is made. */ + +#if defined (__STDC__) && __STDC__ +static const char *_getopt_initialize (int, char *const *, const char *); +#endif +static const char * +_getopt_initialize (argc, argv, optstring) + int argc; + char *const *argv; + const char *optstring; +{ + /* Start processing options with ARGV-element 1 (since ARGV-element 0 + is the program name); the sequence of previously skipped + non-option ARGV-elements is empty. */ + + first_nonopt = last_nonopt = optind; + + nextchar = NULL; + + posixly_correct = getenv ("POSIXLY_CORRECT"); + + /* Determine how to handle the ordering of options and nonoptions. */ + + if (optstring[0] == '-') + { + ordering = RETURN_IN_ORDER; + ++optstring; + } + else if (optstring[0] == '+') + { + ordering = REQUIRE_ORDER; + ++optstring; + } + else if (posixly_correct != NULL) + ordering = REQUIRE_ORDER; + else + ordering = PERMUTE; + +#ifdef _LIBC + if (posixly_correct == NULL + && argc == original_argc && argv == original_argv) + { + if (nonoption_flags_max_len == 0) + { + if (__getopt_nonoption_flags == NULL + || __getopt_nonoption_flags[0] == '\0') + nonoption_flags_max_len = -1; + else + { + const char *orig_str = __getopt_nonoption_flags; + int len = nonoption_flags_max_len = strlen (orig_str); + if (nonoption_flags_max_len < argc) + nonoption_flags_max_len = argc; + __getopt_nonoption_flags = + (char *) malloc (nonoption_flags_max_len); + if (__getopt_nonoption_flags == NULL) + nonoption_flags_max_len = -1; + else + { + memcpy (__getopt_nonoption_flags, orig_str, len); + memset (&__getopt_nonoption_flags[len], '\0', + nonoption_flags_max_len - len); + } + } + } + nonoption_flags_len = nonoption_flags_max_len; + } + else + nonoption_flags_len = 0; +#endif + + return optstring; +} + +/* Scan elements of ARGV (whose length is ARGC) for option characters + given in OPTSTRING. + + If an element of ARGV starts with '-', and is not exactly "-" or "--", + then it is an option element. The characters of this element + (aside from the initial '-') are option characters. If `getopt' + is called repeatedly, it returns successively each of the option characters + from each of the option elements. + + If `getopt' finds another option character, it returns that character, + updating `optind' and `nextchar' so that the next call to `getopt' can + resume the scan with the following option character or ARGV-element. + + If there are no more option characters, `getopt' returns -1. + Then `optind' is the index in ARGV of the first ARGV-element + that is not an option. (The ARGV-elements have been permuted + so that those that are not options now come last.) + + OPTSTRING is a string containing the legitimate option characters. + If an option character is seen that is not listed in OPTSTRING, + return '?' after printing an error message. If you set `opterr' to + zero, the error message is suppressed but we still return '?'. + + If a char in OPTSTRING is followed by a colon, that means it wants an arg, + so the following text in the same ARGV-element, or the text of the following + ARGV-element, is returned in `optarg'. Two colons mean an option that + wants an optional arg; if there is text in the current ARGV-element, + it is returned in `optarg', otherwise `optarg' is set to zero. + + If OPTSTRING starts with `-' or `+', it requests different methods of + handling the non-option ARGV-elements. + See the comments about RETURN_IN_ORDER and REQUIRE_ORDER, above. + + Long-named options begin with `--' instead of `-'. + Their names may be abbreviated as long as the abbreviation is unique + or is an exact match for some defined option. If they have an + argument, it follows the option name in the same ARGV-element, separated + from the option name by a `=', or else the in next ARGV-element. + When `getopt' finds a long-named option, it returns 0 if that option's + `flag' field is nonzero, the value of the option's `val' field + if the `flag' field is zero. + + The elements of ARGV aren't really const, because we permute them. + But we pretend they're const in the prototype to be compatible + with other systems. + + LONGOPTS is a vector of `struct option' terminated by an + element containing a name which is zero. + + LONGIND returns the index in LONGOPT of the long-named option found. + It is only valid when a long-named option has been found by the most + recent call. + + If LONG_ONLY is nonzero, '-' as well as '--' can introduce + long-named options. */ + +int +_getopt_internal (argc, argv, optstring, longopts, longind, long_only) + int argc; + char *const *argv; + const char *optstring; + const struct option *longopts; + int *longind; + int long_only; +{ + optarg = NULL; + + if (optind == 0 || !__getopt_initialized) + { + if (optind == 0) + optind = 1; /* Don't scan ARGV[0], the program name. */ + optstring = _getopt_initialize (argc, argv, optstring); + __getopt_initialized = 1; + } + + /* Test whether ARGV[optind] points to a non-option argument. + Either it does not have option syntax, or there is an environment flag + from the shell indicating it is not an option. The later information + is only used when the used in the GNU libc. */ +#ifdef _LIBC +#define NONOPTION_P (argv[optind][0] != '-' || argv[optind][1] == '\0' \ + || (optind < nonoption_flags_len \ + && __getopt_nonoption_flags[optind] == '1')) +#else +#define NONOPTION_P (argv[optind][0] != '-' || argv[optind][1] == '\0') +#endif + + if (nextchar == NULL || *nextchar == '\0') + { + /* Advance to the next ARGV-element. */ + + /* Give FIRST_NONOPT & LAST_NONOPT rational values if OPTIND has been + moved back by the user (who may also have changed the arguments). */ + if (last_nonopt > optind) + last_nonopt = optind; + if (first_nonopt > optind) + first_nonopt = optind; + + if (ordering == PERMUTE) + { + /* If we have just processed some options following some non-options, + exchange them so that the options come first. */ + + if (first_nonopt != last_nonopt && last_nonopt != optind) + exchange ((char **) argv); + else if (last_nonopt != optind) + first_nonopt = optind; + + /* Skip any additional non-options + and extend the range of non-options previously skipped. */ + + while (optind < argc && NONOPTION_P) + optind++; + last_nonopt = optind; + } + + /* The special ARGV-element `--' means premature end of options. + Skip it like a null option, + then exchange with previous non-options as if it were an option, + then skip everything else like a non-option. */ + + if (optind != argc && !strcmp (argv[optind], "--")) + { + optind++; + + if (first_nonopt != last_nonopt && last_nonopt != optind) + exchange ((char **) argv); + else if (first_nonopt == last_nonopt) + first_nonopt = optind; + last_nonopt = argc; + + optind = argc; + } + + /* If we have done all the ARGV-elements, stop the scan + and back over any non-options that we skipped and permuted. */ + + if (optind == argc) + { + /* Set the next-arg-index to point at the non-options + that we previously skipped, so the caller will digest them. */ + if (first_nonopt != last_nonopt) + optind = first_nonopt; + return -1; + } + + /* If we have come to a non-option and did not permute it, + either stop the scan or describe it to the caller and pass it by. */ + + if (NONOPTION_P) + { + if (ordering == REQUIRE_ORDER) + return -1; + optarg = argv[optind++]; + return 1; + } + + /* We have found another option-ARGV-element. + Skip the initial punctuation. */ + + nextchar = (argv[optind] + 1 + + (longopts != NULL && argv[optind][1] == '-')); + } + + /* Decode the current option-ARGV-element. */ + + /* Check whether the ARGV-element is a long option. + + If long_only and the ARGV-element has the form "-f", where f is + a valid short option, don't consider it an abbreviated form of + a long option that starts with f. Otherwise there would be no + way to give the -f short option. + + On the other hand, if there's a long option "fubar" and + the ARGV-element is "-fu", do consider that an abbreviation of + the long option, just like "--fu", and not "-f" with arg "u". + + This distinction seems to be the most useful approach. */ + + if (longopts != NULL + && (argv[optind][1] == '-' + || (long_only && (argv[optind][2] || !my_index (optstring, argv[optind][1]))))) + { + char *nameend; + const struct option *p; + const struct option *pfound = NULL; + int exact = 0; + int ambig = 0; + int indfound = -1; + int option_index; + + for (nameend = nextchar; *nameend && *nameend != '='; nameend++) + /* Do nothing. */ ; + + /* Test all long options for either exact match + or abbreviated matches. */ + for (p = longopts, option_index = 0; p->name; p++, option_index++) + if (!strncmp (p->name, nextchar, nameend - nextchar)) + { + if ((unsigned int) (nameend - nextchar) + == (unsigned int) strlen (p->name)) + { + /* Exact match found. */ + pfound = p; + indfound = option_index; + exact = 1; + break; + } + else if (pfound == NULL) + { + /* First nonexact match found. */ + pfound = p; + indfound = option_index; + } + else + /* Second or later nonexact match found. */ + ambig = 1; + } + + if (ambig && !exact) + { + if (opterr) + fprintf (stderr, _("%s: option `%s' is ambiguous\n"), + argv[0], argv[optind]); + nextchar += strlen (nextchar); + optind++; + optopt = 0; + return '?'; + } + + if (pfound != NULL) + { + option_index = indfound; + optind++; + if (*nameend) + { + /* Don't test has_arg with >, because some C compilers don't + allow it to be used on enums. */ + if (pfound->has_arg) + optarg = nameend + 1; + else + { + if (opterr) + if (argv[optind - 1][1] == '-') + /* --option */ + fprintf (stderr, + _("%s: option `--%s' doesn't allow an argument\n"), + argv[0], pfound->name); + else + /* +option or -option */ + fprintf (stderr, + _("%s: option `%c%s' doesn't allow an argument\n"), + argv[0], argv[optind - 1][0], pfound->name); + + nextchar += strlen (nextchar); + + optopt = pfound->val; + return '?'; + } + } + else if (pfound->has_arg == 1) + { + if (optind < argc) + optarg = argv[optind++]; + else + { + if (opterr) + fprintf (stderr, + _("%s: option `%s' requires an argument\n"), + argv[0], argv[optind - 1]); + nextchar += strlen (nextchar); + optopt = pfound->val; + return optstring[0] == ':' ? ':' : '?'; + } + } + nextchar += strlen (nextchar); + if (longind != NULL) + *longind = option_index; + if (pfound->flag) + { + *(pfound->flag) = pfound->val; + return 0; + } + return pfound->val; + } + + /* Can't find it as a long option. If this is not getopt_long_only, + or the option starts with '--' or is not a valid short + option, then it's an error. + Otherwise interpret it as a short option. */ + if (!long_only || argv[optind][1] == '-' + || my_index (optstring, *nextchar) == NULL) + { + if (opterr) + { + if (argv[optind][1] == '-') + /* --option */ + fprintf (stderr, _("%s: unrecognized option `--%s'\n"), + argv[0], nextchar); + else + /* +option or -option */ + fprintf (stderr, _("%s: unrecognized option `%c%s'\n"), + argv[0], argv[optind][0], nextchar); + } + nextchar = (char *) ""; + optind++; + optopt = 0; + return '?'; + } + } + + /* Look at and handle the next short option-character. */ + + { + char c = *nextchar++; + char *temp = my_index (optstring, c); + + /* Increment `optind' when we start to process its last character. */ + if (*nextchar == '\0') + ++optind; + + if (temp == NULL || c == ':') + { + if (opterr) + { + if (posixly_correct) + /* 1003.2 specifies the format of this message. */ + fprintf (stderr, _("%s: illegal option -- %c\n"), + argv[0], c); + else + fprintf (stderr, _("%s: invalid option -- %c\n"), + argv[0], c); + } + optopt = c; + return '?'; + } + /* Convenience. Treat POSIX -W foo same as long option --foo */ + if (temp[0] == 'W' && temp[1] == ';') + { + char *nameend; + const struct option *p; + const struct option *pfound = NULL; + int exact = 0; + int ambig = 0; + int indfound = 0; + int option_index; + + /* This is an option that requires an argument. */ + if (*nextchar != '\0') + { + optarg = nextchar; + /* If we end this ARGV-element by taking the rest as an arg, + we must advance to the next element now. */ + optind++; + } + else if (optind == argc) + { + if (opterr) + { + /* 1003.2 specifies the format of this message. */ + fprintf (stderr, _("%s: option requires an argument -- %c\n"), + argv[0], c); + } + optopt = c; + if (optstring[0] == ':') + c = ':'; + else + c = '?'; + return c; + } + else + /* We already incremented `optind' once; + increment it again when taking next ARGV-elt as argument. */ + optarg = argv[optind++]; + + /* optarg is now the argument, see if it's in the + table of longopts. */ + + for (nextchar = nameend = optarg; *nameend && *nameend != '='; nameend++) + /* Do nothing. */ ; + + /* Test all long options for either exact match + or abbreviated matches. */ + for (p = longopts, option_index = 0; p->name; p++, option_index++) + if (!strncmp (p->name, nextchar, nameend - nextchar)) + { + if ((unsigned int) (nameend - nextchar) == strlen (p->name)) + { + /* Exact match found. */ + pfound = p; + indfound = option_index; + exact = 1; + break; + } + else if (pfound == NULL) + { + /* First nonexact match found. */ + pfound = p; + indfound = option_index; + } + else + /* Second or later nonexact match found. */ + ambig = 1; + } + if (ambig && !exact) + { + if (opterr) + fprintf (stderr, _("%s: option `-W %s' is ambiguous\n"), + argv[0], argv[optind]); + nextchar += strlen (nextchar); + optind++; + return '?'; + } + if (pfound != NULL) + { + option_index = indfound; + if (*nameend) + { + /* Don't test has_arg with >, because some C compilers don't + allow it to be used on enums. */ + if (pfound->has_arg) + optarg = nameend + 1; + else + { + if (opterr) + fprintf (stderr, _("\ +%s: option `-W %s' doesn't allow an argument\n"), + argv[0], pfound->name); + + nextchar += strlen (nextchar); + return '?'; + } + } + else if (pfound->has_arg == 1) + { + if (optind < argc) + optarg = argv[optind++]; + else + { + if (opterr) + fprintf (stderr, + _("%s: option `%s' requires an argument\n"), + argv[0], argv[optind - 1]); + nextchar += strlen (nextchar); + return optstring[0] == ':' ? ':' : '?'; + } + } + nextchar += strlen (nextchar); + if (longind != NULL) + *longind = option_index; + if (pfound->flag) + { + *(pfound->flag) = pfound->val; + return 0; + } + return pfound->val; + } + nextchar = NULL; + return 'W'; /* Let the application handle it. */ + } + if (temp[1] == ':') + { + if (temp[2] == ':') + { + /* This is an option that accepts an argument optionally. */ + if (*nextchar != '\0') + { + optarg = nextchar; + optind++; + } + else + optarg = NULL; + nextchar = NULL; + } + else + { + /* This is an option that requires an argument. */ + if (*nextchar != '\0') + { + optarg = nextchar; + /* If we end this ARGV-element by taking the rest as an arg, + we must advance to the next element now. */ + optind++; + } + else if (optind == argc) + { + if (opterr) + { + /* 1003.2 specifies the format of this message. */ + fprintf (stderr, + _("%s: option requires an argument -- %c\n"), + argv[0], c); + } + optopt = c; + if (optstring[0] == ':') + c = ':'; + else + c = '?'; + } + else + /* We already incremented `optind' once; + increment it again when taking next ARGV-elt as argument. */ + optarg = argv[optind++]; + nextchar = NULL; + } + } + return c; + } +} + +int +getopt (argc, argv, optstring) + int argc; + char *const *argv; + const char *optstring; +{ + return _getopt_internal (argc, argv, optstring, + (const struct option *) 0, + (int *) 0, + 0); +} + +#endif /* Not ELIDE_CODE. */ + +#ifdef TEST + +/* Compile with -DTEST to make an executable for use in testing + the above definition of `getopt'. */ + +int +main (argc, argv) + int argc; + char **argv; +{ + int c; + int digit_optind = 0; + + while (1) + { + int this_option_optind = optind ? optind : 1; + + c = getopt (argc, argv, "abc:d:0123456789"); + if (c == -1) + break; + + switch (c) + { + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + if (digit_optind != 0 && digit_optind != this_option_optind) + printf ("digits occur in two different argv-elements.\n"); + digit_optind = this_option_optind; + printf ("option %c\n", c); + break; + + case 'a': + printf ("option a\n"); + break; + + case 'b': + printf ("option b\n"); + break; + + case 'c': + printf ("option c with value `%s'\n", optarg); + break; + + case '?': + break; + + default: + printf ("?? getopt returned character code 0%o ??\n", c); + } + } + + if (optind < argc) + { + printf ("non-option ARGV-elements: "); + while (optind < argc) + printf ("%s ", argv[optind++]); + printf ("\n"); + } + + exit (0); +} + +#endif /* TEST */ diff --git a/lib/getopt.h b/lib/getopt.h new file mode 100644 index 00000000..69256fd3 --- /dev/null +++ b/lib/getopt.h @@ -0,0 +1,133 @@ +/* Declarations for getopt. + Copyright (C) 1989,90,91,92,93,94,96,97 Free Software Foundation, Inc. + +NOTE: The canonical source of this file is maintained with the GNU C Library. +Bugs can be reported to bug-glibc@prep.ai.mit.edu. + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2, or (at your option) any +later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, +USA. */ + +#ifndef _GETOPT_H +#define _GETOPT_H 1 + +#ifdef __cplusplus +extern "C" { +#endif + +/* For communication from `getopt' to the caller. + When `getopt' finds an option that takes an argument, + the argument value is returned here. + Also, when `ordering' is RETURN_IN_ORDER, + each non-option ARGV-element is returned here. */ + +extern char *optarg; + +/* Index in ARGV of the next element to be scanned. + This is used for communication to and from the caller + and for communication between successive calls to `getopt'. + + On entry to `getopt', zero means this is the first call; initialize. + + When `getopt' returns -1, this is the index of the first of the + non-option elements that the caller should itself scan. + + Otherwise, `optind' communicates from one call to the next + how much of ARGV has been scanned so far. */ + +extern int optind; + +/* Callers store zero here to inhibit the error message `getopt' prints + for unrecognized options. */ + +extern int opterr; + +/* Set to an option character which was unrecognized. */ + +extern int optopt; + +/* Describe the long-named options requested by the application. + The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector + of `struct option' terminated by an element containing a name which is + zero. + + The field `has_arg' is: + no_argument (or 0) if the option does not take an argument, + required_argument (or 1) if the option requires an argument, + optional_argument (or 2) if the option takes an optional argument. + + If the field `flag' is not NULL, it points to a variable that is set + to the value given in the field `val' when the option is found, but + left unchanged if the option is not found. + + To have a long-named option do something other than set an `int' to + a compiled-in constant, such as set a value from `optarg', set the + option's `flag' field to zero and its `val' field to a nonzero + value (the equivalent single-letter option character, if there is + one). For long options that have a zero `flag' field, `getopt' + returns the contents of the `val' field. */ + +struct option +{ +#if defined (__STDC__) && __STDC__ + const char *name; +#else + char *name; +#endif + /* has_arg can't be an enum because some compilers complain about + type mismatches in all the code that assumes it is an int. */ + int has_arg; + int *flag; + int val; +}; + +/* Names for the values of the `has_arg' field of `struct option'. */ + +#define no_argument 0 +#define required_argument 1 +#define optional_argument 2 + +#if defined (__STDC__) && __STDC__ +#ifdef __GNU_LIBRARY__ +/* Many other libraries have conflicting prototypes for getopt, with + differences in the consts, in stdlib.h. To avoid compilation + errors, only prototype getopt for the GNU C library. */ +extern int getopt (int argc, char *const *argv, const char *shortopts); +#else /* not __GNU_LIBRARY__ */ +extern int getopt (); +#endif /* __GNU_LIBRARY__ */ +extern int getopt_long (int argc, char *const *argv, const char *shortopts, + const struct option *longopts, int *longind); +extern int getopt_long_only (int argc, char *const *argv, + const char *shortopts, + const struct option *longopts, int *longind); + +/* Internal only. Users should not call this directly. */ +extern int _getopt_internal (int argc, char *const *argv, + const char *shortopts, + const struct option *longopts, int *longind, + int long_only); +#else /* not __STDC__ */ +extern int getopt (); +extern int getopt_long (); +extern int getopt_long_only (); + +extern int _getopt_internal (); +#endif /* __STDC__ */ + +#ifdef __cplusplus +} +#endif + +#endif /* _GETOPT_H */ diff --git a/lib/getopt1.c b/lib/getopt1.c new file mode 100644 index 00000000..6507ba1b --- /dev/null +++ b/lib/getopt1.c @@ -0,0 +1,189 @@ +/* getopt_long and getopt_long_only entry points for GNU getopt. + Copyright (C) 1987,88,89,90,91,92,93,94,96,97 Free Software Foundation, Inc. + +NOTE: The canonical source of this file is maintained with the GNU C Library. +Bugs can be reported to bug-glibc@prep.ai.mit.edu. + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2, or (at your option) any +later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, +USA. */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "getopt.h" + +#if !defined (__STDC__) || !__STDC__ +/* This is a separate conditional since some stdc systems + reject `defined (const)'. */ +#ifndef const +#define const +#endif +#endif + +#include + +/* Comment out all this code if we are using the GNU C Library, and are not + actually compiling the library itself. This code is part of the GNU C + Library, but also included in many other GNU distributions. Compiling + and linking in this code is a waste when using the GNU C library + (especially if it is a shared library). Rather than having every GNU + program understand `configure --with-gnu-libc' and omit the object files, + it is simpler to just do this in the source for each such file. */ + +#define GETOPT_INTERFACE_VERSION 2 +#if !defined (_LIBC) && defined (__GLIBC__) && __GLIBC__ >= 2 +#include +#if _GNU_GETOPT_INTERFACE_VERSION == GETOPT_INTERFACE_VERSION +#define ELIDE_CODE +#endif +#endif + +#ifndef ELIDE_CODE + + +/* This needs to come after some library #include + to get __GNU_LIBRARY__ defined. */ +#ifdef __GNU_LIBRARY__ +#include +#endif + +#ifndef NULL +#define NULL 0 +#endif + +int +getopt_long (argc, argv, options, long_options, opt_index) + int argc; + char *const *argv; + const char *options; + const struct option *long_options; + int *opt_index; +{ + return _getopt_internal (argc, argv, options, long_options, opt_index, 0); +} + +/* Like getopt_long, but '-' as well as '--' can indicate a long option. + If an option that starts with '-' (not '--') doesn't match a long option, + but does match a short option, it is parsed as a short option + instead. */ + +int +getopt_long_only (argc, argv, options, long_options, opt_index) + int argc; + char *const *argv; + const char *options; + const struct option *long_options; + int *opt_index; +{ + return _getopt_internal (argc, argv, options, long_options, opt_index, 1); +} + + +#endif /* Not ELIDE_CODE. */ + +#ifdef TEST + +#include + +int +main (argc, argv) + int argc; + char **argv; +{ + int c; + int digit_optind = 0; + + while (1) + { + int this_option_optind = optind ? optind : 1; + int option_index = 0; + static struct option long_options[] = + { + {"add", 1, 0, 0}, + {"append", 0, 0, 0}, + {"delete", 1, 0, 0}, + {"verbose", 0, 0, 0}, + {"create", 0, 0, 0}, + {"file", 1, 0, 0}, + {0, 0, 0, 0} + }; + + c = getopt_long (argc, argv, "abc:d:0123456789", + long_options, &option_index); + if (c == -1) + break; + + switch (c) + { + case 0: + printf ("option %s", long_options[option_index].name); + if (optarg) + printf (" with arg %s", optarg); + printf ("\n"); + break; + + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + if (digit_optind != 0 && digit_optind != this_option_optind) + printf ("digits occur in two different argv-elements.\n"); + digit_optind = this_option_optind; + printf ("option %c\n", c); + break; + + case 'a': + printf ("option a\n"); + break; + + case 'b': + printf ("option b\n"); + break; + + case 'c': + printf ("option c with value `%s'\n", optarg); + break; + + case 'd': + printf ("option d with value `%s'\n", optarg); + break; + + case '?': + break; + + default: + printf ("?? getopt returned character code 0%o ??\n", c); + } + } + + if (optind < argc) + { + printf ("non-option ARGV-elements: "); + while (optind < argc) + printf ("%s ", argv[optind++]); + printf ("\n"); + } + + exit (0); +} + +#endif /* TEST */ -- 2.20.1 From 6182664859383a86a47846cafdc1f6fcd73b5a76 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 00:00:06 +0000 Subject: [PATCH 11/16] Include stdio.h for fprintf. --- lib/xmalloc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/xmalloc.c b/lib/xmalloc.c index ce1888d8..38fb571a 100644 --- a/lib/xmalloc.c +++ b/lib/xmalloc.c @@ -20,6 +20,7 @@ #endif #include +#include #if STDC_HEADERS # include -- 2.20.1 From 87ccd613cab1947878ef60e3c927f717df089233 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 00:00:50 +0000 Subject: [PATCH 12/16] More for getopt support. --- acconfig.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/acconfig.h b/acconfig.h index 6c39c7d5..e97c14b2 100644 --- a/acconfig.h +++ b/acconfig.h @@ -19,3 +19,10 @@ #if !defined(__USE_BSD) # undef __USE_BSD #endif + +/* For getopt */ +#if HAVE_STDLIB_H +# define getopt system_getopt +# include +# undef getopt +#endif -- 2.20.1 From d4ef7ea0e79ee0d2b7063893f7af5ece886d838b Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 00:01:05 +0000 Subject: [PATCH 13/16] Check for the existance of libdl. --- configure.in | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/configure.in b/configure.in index 3f872180..ea2c0370 100644 --- a/configure.in +++ b/configure.in @@ -61,5 +61,9 @@ else LIBS="$LIBS -l$libgmp" fi +AC_CHECK_LIB(dl, dlopen, [ + LIBS="$LIBS -ldl" +]) + AC_OUTPUT([Makefile src/Makefile cipher/Makefile cipher/blowfish/Makefile doc/Makefile lib/Makefile m4/Makefile redhat/Makefile debian/Makefile]) -- 2.20.1 From 2f7e532d703bbf6997ae04658379df0b0d844f62 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 23:16:43 +0000 Subject: [PATCH 14/16] Don't link in libdl. --- src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 863e660b..0a252d1b 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -12,7 +12,7 @@ noinst_HEADERS = conf.h encr.h net.h netutl.h protocol.h LIBS = @LIBS@ tincd_LDADD = $(top_builddir)/cipher/libcipher.la \ - $(top_builddir)/lib/libvpn.a -ldl + $(top_builddir)/lib/libvpn.a genauth_LDADD = $(top_builddir)/lib/libvpn.a -- 2.20.1 From 74b0cbecce5194dc5c594cc4e2aa3e97c14ea6c1 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 23:17:02 +0000 Subject: [PATCH 15/16] Include sys/types.h. --- src/encr.c | 2 ++ src/protocol.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/src/encr.c b/src/encr.c index fe7b2e8f..cde6a991 100644 --- a/src/encr.c +++ b/src/encr.c @@ -19,6 +19,8 @@ #include "config.h" +#include + #include #include #include diff --git a/src/protocol.c b/src/protocol.c index b5305e8f..5d84c5d7 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -19,6 +19,8 @@ #include "config.h" +#include + #include #include #include -- 2.20.1 From bce2179fe350bf34cde0caab97f72c0930539840 Mon Sep 17 00:00:00 2001 From: Ivo Timmermans Date: Thu, 4 May 2000 23:26:24 +0000 Subject: [PATCH 16/16] Copied most of the code from the redhat script. --- debian/init.d | 209 +++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 191 insertions(+), 18 deletions(-) diff --git a/debian/init.d b/debian/init.d index ffe51bd3..16b09613 100644 --- a/debian/init.d +++ b/debian/init.d @@ -1,4 +1,4 @@ -#! /bin/sh +#! /bin/sh -x # # skeleton example file to build /etc/init.d/ scripts. # This file should be used to construct scripts for /etc/init.d. @@ -12,26 +12,196 @@ # This file was automatically customized by dh-make on Fri, 21 Apr 2000 17:07:50 +0200 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/tinc +DAEMON=/usr/sbin/tincd NAME=tinc -DESC=tinc +DESC="tinc daemons" +NETS="test2" + +TCONF="/etc/tinc" test -f $DAEMON || exit 0 set -e +# Check the daemon +if [ ! -x $TINCD ]; then + echo "**tinc: daemon $TINCD does not exist or is not executable!" + exit +fi + +# Check the configuration directory +if [ ! -d $TCONF ]; then + echo "**tinc: configuration directory ($TCONF) not found!" + exit +fi + + +############################################################################## +# vpn_load () Loads VPN configuration +# +# $1 ... VPN to load + + +vpn_load () { + CFG="$TCONF/$1/tinc.conf" + [ -f $CFG ] || { echo "tinc: $CFG does not exist" >&2 ; return 1; } + + # load TINCD config + DEV=`grep -i -e '^[[:space:]]*TapDevice' $CFG | sed 's/[[:space:]]//g; s/^.*=//g'` + VPN=`grep -i -e '^[[:space:]]*(MyOwnVPNIP|MyVirtualIP)' -E $CFG | head -1 | sed 's/[[:space:]]//g; s/^.*=//g'` + + # discourage empty and multiple entries + [ -z "$DEV" ] && \ + { echo "tinc: TapDevice required" >&2 ; return 2; } + echo $DEV | grep -q '^/dev/tap' || + { echo "tinc: TapDevice should be in form /dev/tapX" >&2 ; return 2; } + [ `echo $DEV | wc -l` -gt 1 ] && + { echo "tinc: multiple TapDevice entries not allowed" >&2 ; return 3; } + [ -z "$VPN" ] && \ + { echo "tinc: MyOwnVPNIP/MyVirtualIP required" >&2 ; return 2; } + [ `echo $VPN | wc -l` -gt 1 ] && + { echo "tinc: multiple MyOwnVPNIP/MyVirtualIP entries not allowed" >&2 ; return 3; } + echo $VPN | grep -q -x \ + '\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}/[[:digit:]]\{1,2\}' || \ + { echo "tinc: badly formed MyOwnVPNIP/MyVirtualIP address $VPN" ; return 3; } + + # network device + TAP=`echo $DEV | cut -d"/" -f3` + NUM=`echo $TAP | sed 's/tap//'` + + # IP address, netmask length + ADR=`echo $VPN | cut -d"/" -f1` + LEN=`echo $VPN | cut -d"/" -f2` + + # Expand bitlength to netmask + MSK=""; len=$LEN + for cnt in 1 1 1 0 ; do + if [ $len -ge 8 ]; then + msk=8 + else + msk=$len + fi + + MSK="$MSK$((255 & (255 << (8 - msk))))" + [ $cnt -ne 0 ] && MSK="$MSK." + len=$((len-msk)) + done + + # Network & broadcast addresses +# BRD=`ipcalc --broadcast $ADR $MSK | cut -d"=" -f2` +# NET=`ipcalc --network $ADR $MSK | cut -d"=" -f2` + + # MAC address + MAC=`printf "fe:fd:%0.2x:%0.2x:%0.2x:%0.2x" $(echo $ADR | sed 's/\./ /g')` + echo + echo "TAP $TAP NUM $NUM ADR $ADR LEN $LEN MSK $MSK BRD $BRD NET $NET MAC $MAC" >&2 + return 0 +} + + +############################################################################## +# vpn_start () starts specified VPN +# +# $1 ... VPN to start + +vpn_start () { + + vpn_load $1 || { echo "**tinc: could not vpn_load $1" >&2 ; return 1; } + + # create device file + if [ ! -c $DEV ]; then + [ -e $DEV ] && rm -f $DEV + mknod --mode=0600 $DEV c 36 $((16 + NUM)) + fi + + # load device module + { insmod ethertap --name="ethertap$NUM" unit="$NUM" 2>&1 || \ + { echo "**tinc: cannot insmod ethertap$NUM" >&2 ; return 2; } ; + } | grep -v '^Us' + + # configure the interface + ip link set $TAP address $MAC + ip link set $TAP up + ip addr flush dev $TAP 2>&1 | grep -v -x '^Nothing to flush.' + ip addr add $VPN brd $BRD dev $TAP + + # start tincd + $TINCD --net="$1" $DEBUG || \ + { echo "**tinc: could not start $TINCD" >&2; return 3; } + + # default interface route + # ip route add $NET/$LEN dev $TAP + + # setup routes + /etc/sysconfig/network-scripts/ifup-routes $TAP + + return 0 +} # vpn_start + + +############################################################################## +# vpn_stop () Stops specified VPN +# +# $1 ... VPN to stop + +vpn_stop () { + + vpn_load $1 || return 1 + + # flush the routing table + # ip route flush dev $TAP &> /dev/null + + # kill the tincd daemon + PID="$TPIDS/tinc.$1.pid" + if [ -f $PID ]; then + $TINCD --net="$1" --kill &> /dev/null + RET=$? + + if [ $RET -eq 0 ]; then + dly=0 + while [ $dly -le 5 ]; do + [ -f $PID ] || break + sleep 1; dly=$((dly+1)) + done + fi + + [ -f $PID ] && rm -f $PID + fi + + # bring the interface down + ip link set $TAP down &> /dev/null + + # remove ethertap module + rmmod "ethertap$NUM" &> /dev/null + + return 0 +} # vpn_stop + + + + + + + case "$1" in start) - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \ - --exec $DAEMON - echo "$NAME." + echo -n "Starting $DESC:" + for net in $NETS ; do + echo -n " $net" + vpn_start $net + start-stop-daemon --start --quiet --pidfile /var/run/$NAME.$net.pid \ + --exec $DAEMON -- -n $net + done + echo "." ;; stop) - echo -n "Stopping $DESC: " - start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid \ - --exec $DAEMON - echo "$NAME." + echo -n "Stopping $DESC:" + for net in $NETS ; do + echo -n " $net" + start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.$net.pid \ + --exec $DAEMON -- -n $net -k + done + echo "." ;; #reload) # @@ -51,13 +221,16 @@ case "$1" in # option to the "reload" entry above. If not, "force-reload" is # just the same as "restart". # - echo -n "Restarting $DESC: " - start-stop-daemon --stop --quiet --pidfile \ - /var/run/$NAME.pid --exec $DAEMON - sleep 1 - start-stop-daemon --start --quiet --pidfile \ - /var/run/$NAME.pid --exec $DAEMON - echo "$NAME." + echo -n "Restarting $DESC:" + for net in $NETS ; do + start-stop-daemon --stop --quiet --pidfile \ + /var/run/$NAME.$net.pid --exec $DAEMON -- -n $net -k + sleep 1 + start-stop-daemon --start --quiet --pidfile \ + /var/run/$NAME.$net.pid --exec $DAEMON -- -n $net + echo -n " $net" + done + echo "." ;; *) N=/etc/init.d/$NAME -- 2.20.1