2 protocol.c -- handle the meta-protocol
3 Copyright (C) 1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: protocol.c,v 1.28.4.23 2000/08/08 13:47:57 guus Exp $
25 #include <sys/types.h>
30 #include <sys/socket.h>
37 #include <netinet/in.h>
/* Scratch buffer shared by every send_* routine in this file: each one formats
 * its request here with snprintf() and then write()s it to a meta socket.
 * It is a single file-scope object, so those routines must not run concurrently. */
47 char buffer[MAXBUFSIZE+1];
50 /* Outgoing request routines */
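/* Send an ACK request (the decimal ACK code plus a newline) to the peer on
 * cl's meta socket. Only a negative write() result is logged; a short write
 * is not detected in the lines shown.
 * (This listing omits some of the function's lines, e.g. braces and returns.) */
52 int send_ack(conn_list_t *cl)
56 syslog(LOG_DEBUG, _("Sending ACK to %s (%s)"),
57 cl->vpn_hostname, cl->real_hostname);
59 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", ACK);
61 if((write(cl->meta_socket, buffer, buflen)) < 0)
/* __FILE__ is a string literal, so it must be formatted with %s. The message
 * used to read "%d:%d", which mismatched the argument type (undefined
 * behaviour in syslog) and differed from the msgid of the other send routines. */
63 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);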
/* Send a TERMREQ request carrying our own VPN address (myself->vpn_ip, in hex)
 * to the peer on cl's meta socket. Only a negative write() result is logged. */
70 int send_termreq(conn_list_t *cl)
74 syslog(LOG_DEBUG, _("Sending TERMREQ to %s (%s)"),
75 cl->vpn_hostname, cl->real_hostname);
77 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", TERMREQ, myself->vpn_ip);
79 if(write(cl->meta_socket, buffer, buflen) < 0)
82 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send a PINGTIMEOUT request carrying our own VPN address to the peer on
 * cl's meta socket. Only a negative write() result is logged. */
89 int send_timeout(conn_list_t *cl)
93 syslog(LOG_DEBUG, _("Sending TIMEOUT to %s (%s)"),
94 cl->vpn_hostname, cl->real_hostname);
96 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", PINGTIMEOUT, myself->vpn_ip);
98 if((write(cl->meta_socket, buffer, buflen)) < 0)
100 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Tell peer cl that new_host has left: send DEL_HOST with new_host->vpn_ip
 * (hex) over cl's meta socket. Despite its name, new_host is the entry being
 * removed. Only a negative write() result is logged. */
107 int send_del_host(conn_list_t *cl, conn_list_t *new_host)
111 syslog(LOG_DEBUG, _("Sending DEL_HOST for %s (%s) to %s (%s)"),
112 new_host->vpn_hostname, new_host->real_hostname, cl->vpn_hostname, cl->real_hostname);
114 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", DEL_HOST, new_host->vpn_ip);
116 if((write(cl->meta_socket, buffer, buflen)) < 0)
118 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
125 /* Evil hack - TCP tunneling is bad */
/* Tunnel one VPN packet over the meta connection: first a "PACKET <len>"
 * header line, then len raw bytes from data.
 * Unlike the other send routines, both writes are compared against the
 * expected length, so a short write is reported as a failure.
 * len is a signed int from the caller and is not range-checked in the lines
 * shown -- TODO confirm callers never pass a negative or oversized value. */
126 int send_tcppacket(conn_list_t *cl, void *data, int len)
130 syslog(LOG_DEBUG, _("Sending PACKET to %s (%s)"),
131 cl->vpn_hostname, cl->real_hostname);
133 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d\n", PACKET, len);
135 if((write(cl->meta_socket, buffer, buflen)) != buflen)
137 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
141 if((write(cl->meta_socket, data, len)) != len)
143 syslog(LOG_ERR, _("Sending PACKET data failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send a PING request (code plus newline) to the peer on cl's meta socket.
 * Only a negative write() result is logged. */
151 int send_ping(conn_list_t *cl)
155 syslog(LOG_DEBUG, _("Sending PING to %s (%s)"),
156 cl->vpn_hostname, cl->real_hostname);
158 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PING);
160 if((write(cl->meta_socket, buffer, buflen)) < 0)
162 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send a PONG request (code plus newline) to the peer on cl's meta socket.
 * Only a negative write() result is logged. */
169 int send_pong(conn_list_t *cl)
173 syslog(LOG_DEBUG, _("Sending PONG to %s (%s)"),
174 cl->vpn_hostname, cl->real_hostname);
176 buflen = snprintf(buffer, MAXBUFSIZE, "%d\n", PONG);
178 if((write(cl->meta_socket, buffer, buflen)) < 0)
180 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Announce new_host to peer cl with an ADD_HOST request carrying a real
 * address, the VPN address/mask, the port and the flags (all but flags in hex).
 * When new_host has EXPORTINDIRECTDATA set, the copy of the flags that is sent
 * has that bit cleared and INDIRECTDATA set, and our own vpn_ip and
 * real_hostname are substituted for the host's real address and name.
 * new_host itself is not modified in the lines shown.
 * Only a negative write() result is logged. */
187 int send_add_host(conn_list_t *cl, conn_list_t *new_host)
193 real_ip = new_host->real_ip;
194 hostname = new_host->real_hostname;
195 flags = new_host->flags;
197 /* If we need to propagate information about a new host that wants us to export
198 * it's indirectdata flag, we set the INDIRECTDATA flag and unset the EXPORT...
199 * flag, and set it's real_ip to our vpn_ip, so that net.c send_packet() will
203 if(flags & EXPORTINDIRECTDATA)
205 flags &= ~EXPORTINDIRECTDATA;
206 flags |= INDIRECTDATA;
207 real_ip = myself->vpn_ip;
208 hostname = myself->real_hostname;
212 syslog(LOG_DEBUG, _("Sending ADD_HOST for %s (%s) to %s (%s)"),
213 new_host->vpn_hostname, hostname, cl->vpn_hostname, cl->real_hostname);
215 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx/%lx:%x %d\n", ADD_HOST, real_ip, new_host->vpn_ip, new_host->vpn_mask, new_host->port, flags);
217 if((write(cl->meta_socket, buffer, buflen)) < 0)
219 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Tell peer cl that the key of host src has changed: send KEY_CHANGED with
 * src->vpn_ip (hex) over cl's meta socket. Only a negative write() result is
 * logged. */
226 int send_key_changed(conn_list_t *cl, conn_list_t *src)
230 syslog(LOG_DEBUG, _("Sending KEY_CHANGED origin %s to %s (%s)"),
231 src->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
233 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx\n", KEY_CHANGED, src->vpn_ip);
235 if((write(cl->meta_socket, buffer, buflen)) < 0)
237 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Announce a change of our own key: walk conn_list and call
 * send_key_changed(p, myself) for every entry that is both a meta connection
 * and active. The return value of send_key_changed() is ignored. */
244 void send_key_changed_all(void)
248 for(p = conn_list; p != NULL; p = p->next)
249 if(p->status.meta && p->status.active)
250 send_key_changed(p, myself);
/* Send BASIC_INFO to the peer on cl's meta socket: the protocol version
 * (PROT_CURRENT) followed by our own VPN address/mask, port and flags.
 * Only a negative write() result is logged. */
254 int send_basic_info(conn_list_t *cl)
258 syslog(LOG_DEBUG, _("Sending BASIC_INFO to %s"),
261 buflen = snprintf(buffer, MAXBUFSIZE, "%d %d %lx/%lx:%x %d\n", BASIC_INFO, PROT_CURRENT, myself->vpn_ip, myself->vpn_mask, myself->port, myself->flags);
263 if((write(cl->meta_socket, buffer, buflen)) < 0)
265 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send a PASSPHRASE request to the peer on cl's meta socket.
 * encrypt_passphrase() fills tmp and tmp.phrase is sent as a string; the debug
 * message logs only the peer names, not the phrase.
 * NOTE(review): on C99 libraries snprintf() returns the length the output
 * would have had. If the phrase does not fit in MAXBUFSIZE, buflen is larger
 * than what was stored and write() would send bytes from beyond the formatted
 * text -- confirm buflen is checked against MAXBUFSIZE before the write. */
272 int send_passphrase(conn_list_t *cl)
276 encrypt_passphrase(&tmp);
279 syslog(LOG_DEBUG, _("Sending PASSPHRASE to %s (%s)"),
280 cl->vpn_hostname, cl->real_hostname);
282 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PASSPHRASE, tmp.phrase);
284 if((write(cl->meta_socket, buffer, buflen)) < 0)
286 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Send our public key (my_public_key_base36, as a string) in a PUBLIC_KEY
 * request to the peer on cl's meta socket.
 * NOTE(review): the key length is not bounded in the lines shown. If the
 * formatted request exceeds MAXBUFSIZE, a C99 snprintf() returns the untruncated
 * length and the write() below would read past the formatted text -- confirm
 * the key always fits or add a check on buflen. */
293 int send_public_key(conn_list_t *cl)
297 syslog(LOG_DEBUG, _("Sending PUBLIC_KEY to %s (%s)"),
298 cl->vpn_hostname, cl->real_hostname);
300 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", PUBLIC_KEY, my_public_key_base36);
302 if((write(cl->meta_socket, buffer, buflen)) < 0)
304 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
311 /* What does this function do? (GS)
312 int send_calculate(conn_list_t *cl, char *k)
315 buflen = snprintf(buffer, MAXBUFSIZE, "%d %s\n", CALCULATE, k);
317 if((write(cl->meta_socket, buffer, buflen)) < 0)
319 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Ask host `to` for its key: look up its connection entry, send REQ_KEY
 * (destination, then our own VPN address) to that entry's nexthop, and mark
 * the entry as waiting for a key.
 * An unknown destination is logged as an error.
 * fw->nexthop is dereferenced without a visible null check -- TODO confirm
 * lookup_conn() never returns an entry whose nexthop is unset. */
327 int send_key_request(ip_t to)
331 fw = lookup_conn(to);
334 syslog(LOG_ERR, _("Attempting to send REQ_KEY to %d.%d.%d.%d, which does not exist?"),
340 syslog(LOG_DEBUG, _("Sending REQ_KEY to %s (%s)"),
341 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
343 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx\n", REQ_KEY, to, myself->vpn_ip);
345 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
347 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
350 fw->status.waitingforkey = 1;
/* Answer a key request from host `to`: send ANS_KEY with the destination, our
 * own VPN address, my_key_expiry and my_public_key_base36 to the nexthop of
 * the entry found for `to`. An unknown destination is logged as an error.
 * NOTE(review): as with the other %s requests, the key length is not bounded
 * here; confirm buflen cannot exceed MAXBUFSIZE before it is used as the
 * write() length. */
355 int send_key_answer(conn_list_t *cl, ip_t to)
360 fw = lookup_conn(to);
364 syslog(LOG_ERR, _("Attempting to send ANS_KEY to %d.%d.%d.%d, which does not exist?"),
370 syslog(LOG_DEBUG, _("Sending ANS_KEY to %s (%s)"),
371 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
373 buflen = snprintf(buffer, MAXBUFSIZE, "%d %lx %lx %d %s\n", ANS_KEY, to, myself->vpn_ip, my_key_expiry, my_public_key_base36);
375 if((write(fw->nexthop->meta_socket, buffer, buflen)) < 0)
377 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
385 notify all my direct connections of a new host
386 that was added to the vpn, with the exception
387 of the source of the announcement.
/* Walk conn_list and select every active meta connection other than `new`
 * and `source`; `function` is the send routine to apply to each of them
 * (the call itself is not part of this listing).
 * Passing NULL as source excludes only `new`. */
389 int notify_others(conn_list_t *new, conn_list_t *source,
390 int (*function)(conn_list_t*, conn_list_t*))
394 for(p = conn_list; p != NULL; p = p->next)
395 if(p != new && p != source && p->status.meta && p->status.active)
402 notify one connection of everything
/* Bring one connection up to date: send `new` an ADD_HOST for every other
 * active entry in conn_list. The return value of send_add_host() is ignored. */
405 int notify_one(conn_list_t *new)
409 for(p = conn_list; p != NULL; p = p->next)
410 if(p != new && p->status.active)
411 send_add_host(new, p);
417 The incoming request handlers
/* Handle BASIC_INFO, the first request of a connection: parse the peer's
 * protocol version, VPN address/mask, port and flags straight into cl, resolve
 * the VPN address with hostlookup(), and reject any version other than
 * PROT_CURRENT. For an outgoing connection whose peer address is already in
 * the connection list, the outgoing role is moved to the existing entry and
 * this connection is terminated. Otherwise setup_vpn_connection() is called.
 * No status.active check appears in the lines shown, so every value parsed
 * here is unauthenticated input at this point.
 * NOTE(review): the conversions assume vpn_ip/vpn_mask are unsigned long
 * sized, port is a short and protocol_version/flags are ints -- TODO confirm
 * against the conn_list_t definition, since a narrower field would be
 * overwritten past its end by sscanf(). */
420 int basic_info_h(conn_list_t *cl)
425 syslog(LOG_DEBUG, _("Got BASIC_INFO from %s"), cl->real_hostname);
427 if(sscanf(cl->buffer, "%*d %d %lx/%lx:%hx %d", &cl->protocol_version, &cl->vpn_ip, &cl->vpn_mask, &cl->port, &cl->flags) != 5)
429 syslog(LOG_ERR, _("Got bad BASIC_INFO from %s"),
434 cl->vpn_hostname = hostlookup(htonl(cl->vpn_ip));
436 if(cl->protocol_version != PROT_CURRENT)
438 syslog(LOG_ERR, _("Peer uses incompatible protocol version %d"),
439 cl->protocol_version);
443 if(cl->status.outgoing)
445 /* First check if the host we connected to is already in our
446 connection list. If so, we are probably making a loop, which
450 if((old=lookup_conn(cl->vpn_ip)))
453 syslog(LOG_NOTICE, _("Uplink %s (%s) is already in our connection list"),
454 cl->vpn_hostname, cl->real_hostname);
455 cl->status.outgoing = 0;
456 old->status.outgoing = 1;
457 terminate_connection(cl);
461 if(setup_vpn_connection(cl) < 0)
468 if(setup_vpn_connection(cl) < 0)
/* Handle PASSPHRASE: allocate cl->pp, let sscanf() allocate and fill
 * cl->pp->phrase from the request, and record its length.
 * "%as" is the GNU allocating-string extension to scanf. On C99 libraries %a
 * is a floating-point conversion, so this depends on glibc's legacy behaviour
 * (POSIX spells it %ms). The only bound on the allocation is the request size.
 * NOTE(review): cl->pp is allocated on every PASSPHRASE request. The lines
 * shown neither release a previous cl->pp nor check the connection state
 * first, and on a parse failure the fresh allocation is not visibly freed --
 * confirm a peer cannot repeat this request before authenticating. */
476 int passphrase_h(conn_list_t *cl)
479 cl->pp = xmalloc(sizeof(*(cl->pp)));
481 if(sscanf(cl->buffer, "%*d %as", &(cl->pp->phrase)) != 1)
483 syslog(LOG_ERR, _("Got bad PASSPHRASE from %s (%s)"),
484 cl->vpn_hostname, cl->real_hostname);
487 cl->pp->len = strlen(cl->pp->phrase);
490 syslog(LOG_DEBUG, _("Got PASSPHRASE from %s (%s)"),
491 cl->vpn_hostname, cl->real_hostname);
493 if(cl->status.outgoing)
/* Handle PUBLIC_KEY, the authentication step: parse the peer's key string
 * into g_n (allocated by sscanf via the GNU "%as" extension) and check it with
 * verify_passphrase(cl, g_n). A non-zero result is logged as an intruder.
 * In the lines shown, every existing entry with the same vpn_ip is then
 * deactivated and terminated, this connection is marked active, and the other
 * peers are told about it with notify_others(cl, NULL, send_add_host).
 * NOTE(review): cl->vpn_ip was taken from the peer's own BASIC_INFO, so the
 * loop that retires older entries acts on an address the peer chose. Confirm
 * verify_passphrase() binds the credentials to that address, and that g_n is
 * freed on every path (no free is visible here). */
501 int public_key_h(conn_list_t *cl)
506 if(sscanf(cl->buffer, "%*d %as", &g_n) != 1)
508 syslog(LOG_ERR, _("Got bad PUBLIC_KEY from %s (%s)"),
509 cl->vpn_hostname, cl->real_hostname);
514 syslog(LOG_DEBUG, _("Got PUBLIC_KEY from %s (%s)"),
515 cl->vpn_hostname, cl->real_hostname);
517 if(verify_passphrase(cl, g_n))
520 syslog(LOG_ERR, _("Intruder from %s: passphrase for %s does not match!"),
521 cl->real_hostname, cl->vpn_hostname);
525 if(cl->status.outgoing)
531 /* Okay, before we active the connection, we check if there is another entry
532 in the connection list with the same vpn_ip. If so, it presumably is an
533 old connection that has timed out but we don't know it yet.
536 while((old = lookup_conn(cl->vpn_ip)))
539 syslog(LOG_NOTICE, _("Removing old entry for %s at %s in favour of new connection from %s"),
540 cl->vpn_hostname, old->real_hostname, cl->real_hostname);
541 old->status.active = 0;
542 terminate_connection(old);
545 cl->status.active = 1;
548 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
549 cl->vpn_hostname, cl->real_hostname);
551 notify_others(cl, NULL, send_add_host);
/* Handle ACK: mark the connection active and announce it to the other peers
 * with notify_others(cl, NULL, send_add_host).
 * NOTE(review): status.active is the authorization gate tested by the
 * post-handshake handlers in this file (TERMREQ, DEL_HOST, PACKET, ADD_HOST,
 * REQ_KEY, ANS_KEY, KEY_CHANGED, ...). None of the lines shown here checks
 * that the passphrase/public-key exchange has completed before the flag is
 * set. The listing omits lines 559-561, so a guard may exist there -- confirm
 * that an ACK is only honoured on a connection that has already passed
 * verify_passphrase(). */
558 int ack_h(conn_list_t *cl)
562 syslog(LOG_DEBUG, _("Got ACK from %s (%s)"),
563 cl->vpn_hostname, cl->real_hostname);
565 cl->status.active = 1;
568 syslog(LOG_NOTICE, _("Connection with %s (%s) activated"),
569 cl->vpn_hostname, cl->real_hostname);
571 notify_others(cl, NULL, send_add_host);
/* Handle TERMREQ: the peer asks to end the connection. Logged as unauthorized
 * when the connection is not active; otherwise status.termreq is set and the
 * connection is terminated. */
579 int termreq_h(conn_list_t *cl)
582 if(!cl->status.active)
584 syslog(LOG_ERR, _("Got unauthorized TERMREQ from %s (%s)"),
585 cl->vpn_hostname, cl->real_hostname);
590 syslog(LOG_DEBUG, _("Got TERMREQ from %s (%s)"),
591 cl->vpn_hostname, cl->real_hostname);
593 cl->status.termreq = 1;
595 terminate_connection(cl);
/* Handle TIMEOUT: the peer reports that it timed us out. Logged as
 * unauthorized when the connection is not active; otherwise status.termreq is
 * set and the connection is terminated, as for TERMREQ. */
600 int timeout_h(conn_list_t *cl)
603 if(!cl->status.active)
605 syslog(LOG_ERR, _("Got unauthorized TIMEOUT from %s (%s)"),
606 cl->vpn_hostname, cl->real_hostname);
611 syslog(LOG_DEBUG, _("Got TIMEOUT from %s (%s)"),
612 cl->vpn_hostname, cl->real_hostname);
614 cl->status.termreq = 1;
615 terminate_connection(cl);
/* Handle DEL_HOST: an active peer reports that the host with the given VPN
 * address has left. The entry is looked up, the removal is relayed to the
 * other peers (excluding the sender) and the entry is terminated.
 * The address to delete is taken from the request body, so any active peer
 * can retire any known entry; the only checks visible are that the sender is
 * active, that the entry exists, and that the address is not our own. */
620 int del_host_h(conn_list_t *cl)
625 if(!cl->status.active)
627 syslog(LOG_ERR, _("Got unauthorized DEL_HOST from %s (%s)"),
628 cl->vpn_hostname, cl->real_hostname);
632 if(sscanf(cl->buffer, "%*d %lx", &vpn_ip) != 1)
634 syslog(LOG_ERR, _("Got bad DEL_HOST from %s (%s)"),
635 cl->vpn_hostname, cl->real_hostname);
639 if(!(fw = lookup_conn(vpn_ip)))
641 syslog(LOG_ERR, _("Got DEL_HOST for %d.%d.%d.%d from %s (%s) which does not exist?"),
642 IP_ADDR_V(vpn_ip), cl->vpn_hostname, cl->real_hostname);
646 /* Connections lists are really messed up if this happens */
647 if(vpn_ip == myself->vpn_ip)
649 syslog(LOG_ERR, _("Warning: got DEL_HOST from %s (%s) for ourself, restarting"),
650 cl->vpn_hostname, cl->real_hostname);
656 syslog(LOG_DEBUG, _("Got DEL_HOST for %s (%s) from %s (%s)"),
657 fw->vpn_hostname, fw->real_hostname, cl->vpn_hostname, cl->real_hostname);
/* Relay first, while the entry's fields are still valid, then retire it. */
659 notify_others(fw, cl, send_del_host);
661 fw->status.termreq = 1;
662 fw->status.active = 0;
664 terminate_connection(fw);
/* Handle PACKET: a VPN packet tunnelled in-band on the meta connection.
 * Parses the announced byte count, reads the payload from the meta socket
 * directly into the local packet rp, converts its header fields from network
 * byte order and looks up the origin named inside the packet.
 * Rejected as unauthorized unless the connection is active. */
669 int tcppacket_h(conn_list_t *cl)
672 int len, count = 0, result;
675 if(!cl->status.active)
677 syslog(LOG_ERR, _("Got unauthorized PACKET from %s (%s)"),
678 cl->vpn_hostname, cl->real_hostname);
/* len is a peer-supplied signed int. The "too big" rejection below bounds it
 * from above (the condition itself is not part of this listing).
 * NOTE(review): confirm zero and negative values are rejected as well, and
 * that the upper bound is no larger than sizeof(rp). */
682 if(sscanf(cl->buffer, "%*d %d", &len) != 1)
684 syslog(LOG_ERR, _("Got bad PACKET from %s (%s)"),
685 cl->vpn_hostname, cl->real_hostname);
691 syslog(LOG_ERR, _("Got too big PACKET from %s (%s)"),
692 cl->vpn_hostname, cl->real_hostname);
697 syslog(LOG_DEBUG, _("Got PACKET length %d from %s (%s)"), len,
698 cl->vpn_hostname, cl->real_hostname);
700 /* Evil kludge coming up */
704 syslog(LOG_DEBUG, _("Direct read count=%d len=%d rp=%p socket=%d"), count, len, ((char *)&rp)+count, cl->meta_socket);
/* NOTE(review): the read asks for len bytes at offset count. If count advances
 * after a partial read (the loop header is not shown), the request should be
 * len - count so that the total written into rp can never exceed the
 * validated length. */
706 result=read(cl->meta_socket,((char *)&rp)+count,len);
709 syslog(LOG_ERR, _("Error while receiving PACKET data from %s (%s): %m"),
710 cl->vpn_hostname, cl->real_hostname);
717 total_socket_in += len;
/* These three fields come from the packet body, i.e. from the peer.
 * NOTE(review): confirm rp.len and rp.data.len are checked against len before
 * anything uses them as a length. */
719 rp.data.len = ntohs(rp.data.len);
720 rp.len = ntohs(rp.len);
721 rp.from = ntohl(rp.from);
725 f = lookup_conn(rp.from);
728 syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
729 cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
733 if(f->status.validkey)
737 /* add_queue(&(f->rq), &rp, rp.len); We can't do this since rp is on the stack */
/* The waiting flag tested is the relaying connection's (cl), while the key
 * request goes to the packet's origin -- presumably intentional; verify. */
738 if(!cl->status.waitingforkey)
739 send_key_request(rp.from);
742 if(my_key_expiry <= time(NULL))
/* Handle PING from an active peer: clear status.pinged and set
 * status.got_pong, treating the incoming ping as proof that the peer is alive.
 * Logged as unauthorized when the connection is not active. */
750 int ping_h(conn_list_t *cl)
753 if(!cl->status.active)
755 syslog(LOG_ERR, _("Got unauthorized PING from %s (%s)"),
756 cl->vpn_hostname, cl->real_hostname);
761 syslog(LOG_DEBUG, _("Got PING from %s (%s)"),
762 cl->vpn_hostname, cl->real_hostname);
764 cl->status.pinged = 0;
765 cl->status.got_pong = 1;
/* Handle PONG from an active peer: record the reply by setting
 * status.got_pong. Logged as unauthorized when the connection is not active. */
772 int pong_h(conn_list_t *cl)
775 if(!cl->status.active)
777 syslog(LOG_ERR, _("Got unauthorized PONG from %s (%s)"),
778 cl->vpn_hostname, cl->real_hostname);
783 syslog(LOG_DEBUG, _("Got PONG from %s (%s)"),
784 cl->vpn_hostname, cl->real_hostname);
786 cl->status.got_pong = 1;
/* Handle ADD_HOST: an active peer announces another host on the VPN.
 * Parses real address, VPN address/mask, port and flags from the request.
 * An identical existing entry makes the request a duplicate (skipped via
 * skip_add_host); a differing entry for the same VPN address is deactivated
 * and terminated. A new entry is then created, filled in, marked active and
 * relayed to the other peers (excluding the sender).
 * All fields are peer-supplied and the announced host itself takes no part in
 * this exchange: the entry is trusted on the word of the announcing peer. */
791 int add_host_h(conn_list_t *cl)
798 conn_list_t *ncn, *old;
800 if(!cl->status.active)
802 syslog(LOG_ERR, _("Got unauthorized ADD_HOST from %s (%s)"),
803 cl->vpn_hostname, cl->real_hostname);
/* NOTE(review): %lx and %hx assume unsigned long and short destinations --
 * TODO confirm the local variable types match on every target. */
807 if(sscanf(cl->buffer, "%*d %lx %lx/%lx:%hx %d", &real_ip, &vpn_ip, &vpn_mask, &port, &flags) != 5)
809 syslog(LOG_ERR, _("Got bad ADD_HOST from %s (%s)"),
810 cl->vpn_hostname, cl->real_hostname);
814 if((old = lookup_conn(vpn_ip)))
816 if((real_ip==old->real_ip) && (vpn_mask==old->vpn_mask) && (port==old->port))
819 syslog(LOG_NOTICE, _("Got duplicate ADD_HOST for %s (%s) from %s (%s)"),
820 old->vpn_hostname, old->real_hostname, cl->vpn_hostname, cl->real_hostname);
821 goto skip_add_host; /* One goto a day keeps the deeply nested if constructions away. */
826 syslog(LOG_NOTICE, _("Removing old entry for %s (%s)"),
827 old->vpn_hostname, old->real_hostname);
828 old->status.active = 0;
829 terminate_connection(old);
833 /* Connections lists are really messed up if this happens */
834 if(vpn_ip == myself->vpn_ip)
836 syslog(LOG_ERR, _("Warning: got ADD_HOST from %s (%s) for ourself, restarting"),
837 cl->vpn_hostname, cl->real_hostname);
842 ncn = new_conn_list();
843 ncn->real_ip = real_ip;
/* Both lookups resolve peer-supplied addresses. */
844 ncn->real_hostname = hostlookup(htonl(real_ip));
845 ncn->vpn_ip = vpn_ip;
846 ncn->vpn_mask = vpn_mask;
847 ncn->vpn_hostname = hostlookup(htonl(vpn_ip));
851 ncn->next = conn_list;
853 ncn->status.active = 1;
856 syslog(LOG_DEBUG, _("Got ADD_HOST for %s (%s) from %s (%s)"),
857 ncn->vpn_hostname, ncn->real_hostname, cl->vpn_hostname, cl->real_hostname);
859 notify_others(ncn, cl, send_add_host);
/* Handle REQ_KEY from an active peer: parse destination and origin. If the
 * destination falls inside our own VPN subnet, answer with send_key_answer();
 * otherwise forward the request unchanged to the nexthop of the destination's
 * entry. An unknown destination is logged as an error. */
866 int req_key_h(conn_list_t *cl)
872 if(!cl->status.active)
874 syslog(LOG_ERR, _("Got unauthorized REQ_KEY from %s (%s)"),
875 cl->vpn_hostname, cl->real_hostname);
879 if(sscanf(cl->buffer, "%*d %lx %lx", &to, &from) != 2)
881 syslog(LOG_ERR, _("Got bad REQ_KEY from %s (%s)"),
882 cl->vpn_hostname, cl->real_hostname);
887 syslog(LOG_DEBUG, _("Got REQ_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
888 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
890 if((to & myself->vpn_mask) == (myself->vpn_ip & myself->vpn_mask))
891 { /* hey! they want something from ME! :) */
892 send_key_answer(cl, from);
896 fw = lookup_conn(to);
900 syslog(LOG_ERR, _("Attempting to forward REQ_KEY to %d.%d.%d.%d, which does not exist?"),
906 syslog(LOG_DEBUG, _("Forwarding REQ_KEY to %s (%s)"),
907 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Put a newline in the last byte of the request before relaying it verbatim.
 * Assumes cl->reqlen >= 1 and within cl->buffer -- TODO confirm against the
 * code that sets reqlen. */
909 cl->buffer[cl->reqlen-1] = '\n';
911 if(write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen) < 0)
913 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
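/* Record a peer's public key and the shared key derived from it on cl.
 * key is copied (not adopted) into cl->public_key->key, so the caller still
 * owns key. make_shared_key(key) yields ek, which is copied into cl->key->key.
 * expiry is stored on both records.
 * Each copy is sized as strlen() + 1, so the strcpy() calls fit exactly.
 * (This listing omits some of the function's lines, e.g. the conditions
 * around the two allocations.) */
920 void set_keys(conn_list_t *cl, int expiry, char *key)
/* Size the record from the pointer being assigned. This line used
 * sizeof(*cl->key), which is only right while both members share a type. */
926 cl->public_key = xmalloc(sizeof(*cl->public_key));
927 cl->public_key->key = NULL;
930 if(cl->public_key->key)
931 free(cl->public_key->key);
932 cl->public_key->length = strlen(key);
933 cl->public_key->expiry = expiry;
934 cl->public_key->key = xmalloc(cl->public_key->length + 1);
935 strcpy(cl->public_key->key, key);
937 ek = make_shared_key(key);
941 cl->key = xmalloc(sizeof(*cl->key));
/* cl->key->key holds the shared secret. NOTE(review): confirm that a buffer
 * being replaced here is wiped before it is freed, and who owns ek. */
948 cl->key->length = strlen(ek);
949 cl->key->expiry = expiry;
950 cl->key->key = xmalloc(cl->key->length + 1);
951 strcpy(cl->key->key, ek);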
/* Handle ANS_KEY from an active peer: parse destination, origin, expiry and
 * key. If the answer is addressed to us, install the key on the origin's
 * entry with set_keys() and mark it valid; otherwise forward the request
 * unchanged to the nexthop of the destination's entry.
 * The origin is taken from the request body, so an active peer can deliver a
 * key on behalf of any known host; the design relies on every active peer
 * being trusted to relay honestly. */
955 int ans_key_h(conn_list_t *cl)
961 conn_list_t *fw, *gk;
963 if(!cl->status.active)
965 syslog(LOG_ERR, _("Got unauthorized ANS_KEY from %s (%s)"),
966 cl->vpn_hostname, cl->real_hostname);
/* "%as" (GNU extension) makes sscanf() allocate key, and set_keys() copies it.
 * NOTE(review): no free(key) is visible in this listing -- confirm it is
 * released on both the local and the forwarding path. */
970 if(sscanf(cl->buffer, "%*d %lx %lx %d %as", &to, &from, &expiry, &key) != 4)
972 syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
973 cl->vpn_hostname, cl->real_hostname);
978 syslog(LOG_DEBUG, _("Got ANS_KEY origin %d.%d.%d.%d destination %d.%d.%d.%d from %s (%s)"),
979 IP_ADDR_V(from), IP_ADDR_V(to), cl->vpn_hostname, cl->real_hostname);
981 if(to == myself->vpn_ip)
982 { /* hey! that key's for ME! :) */
983 gk = lookup_conn(from);
987 syslog(LOG_ERR, _("Receiving ANS_KEY origin %d.%d.%d.%d from %s (%s), which does not exist?"),
988 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
/* expiry is a peer-supplied int and is stored as given. */
992 set_keys(gk, expiry, key);
993 gk->status.validkey = 1;
994 gk->status.waitingforkey = 0;
999 fw = lookup_conn(to);
1003 syslog(LOG_ERR, _("Attempting to forward ANS_KEY to %d.%d.%d.%d, which does not exist?"),
1009 syslog(LOG_DEBUG, _("Forwarding ANS_KEY to %s (%s)"),
1010 fw->nexthop->vpn_hostname, fw->nexthop->real_hostname);
/* Assumes cl->reqlen >= 1 -- TODO confirm against the code that sets reqlen. */
1012 cl->buffer[cl->reqlen-1] = '\n';
1014 if((write(fw->nexthop->meta_socket, cl->buffer, cl->reqlen)) < 0)
1016 syslog(LOG_ERR, _("Send failed: %s:%d: %m"), __FILE__, __LINE__);
/* Handle KEY_CHANGED from an active peer: look up the origin named in the
 * request, invalidate its key state (validkey and waitingforkey cleared) so a
 * new key has to be requested, and relay the notice to the other peers
 * (excluding the sender). An unknown origin is logged as an error.
 * The origin is taken from the request body, so any active peer can
 * invalidate the cached key of any known host. */
1023 int key_changed_h(conn_list_t *cl)
1028 if(!cl->status.active)
1030 syslog(LOG_ERR, _("Got unauthorized KEY_CHANGED from %s (%s)"),
1031 cl->vpn_hostname, cl->real_hostname);
1035 if(sscanf(cl->buffer, "%*d %lx", &from) != 1)
1037 syslog(LOG_ERR, _("Got bad KEY_CHANGED from %s (%s)"),
1038 cl->vpn_hostname, cl->real_hostname);
1042 ik = lookup_conn(from);
1046 syslog(LOG_ERR, _("Got KEY_CHANGED origin %d.%d.%d.%d from %s (%s), which does not exist?"),
1047 IP_ADDR_V(from), cl->vpn_hostname, cl->real_hostname);
1052 syslog(LOG_DEBUG, _("Got KEY_CHANGED origin %s from %s (%s)"),
1053 ik->vpn_hostname, cl->vpn_hostname, cl->real_hostname);
1055 ik->status.validkey = 0;
1056 ik->status.waitingforkey = 0;
1058 notify_others(ik, cl, send_key_changed);
1063 int (*request_handlers[256])(conn_list_t*) = {
1064 0, ack_h, 0, 0, 0, 0, 0, 0, 0, 0,
1065 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1066 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1067 termreq_h, timeout_h, del_host_h, 0, 0, 0, 0, 0, 0, 0,
1068 ping_h, pong_h, 0, 0, 0, 0, 0, 0, 0, 0,
1069 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1070 add_host_h, basic_info_h, passphrase_h, public_key_h, 0, 0, 0, 0, 0, 0,
1071 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1072 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1073 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1074 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1075 tcppacket_h, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1076 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1077 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1078 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1079 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1080 req_key_h, ans_key_h, key_changed_h, 0, 0, 0, 0, 0, 0, 0,
1081 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1082 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1083 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1084 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1085 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1086 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1087 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
1088 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,