Allow tunnelserver to work with clients that have other peers.
authorMichael Tokarev <mjt@tls.msk.ru>
Mon, 9 Feb 2009 22:51:10 +0000 (23:51 +0100)
committerGuus Sliepen <guus@tinc-vpn.org>
Mon, 9 Feb 2009 22:51:10 +0000 (23:51 +0100)
In TunnelServer mode, tinc server disconnects any client if it announces
indirect subnets -- subnets that are not theirs (e.g. subnets for nodes
the CLIENT has connections now, even if those nodes are known to the server
too).  Fix that by ignoring such (indirect) announces instead.

While we're at it, move check for such indirect subnet registration to
before allocating new node structure, as in TunnelServer mode we don't
really need to know that other node.

src/protocol_subnet.c

index e3600bdf5a5cd5a030daf678dd68cb401e5f1460..22fb058856b54269b3ef37807001e9dd833ec50b 100644 (file)
@@ -83,15 +83,19 @@ bool add_subnet_h(connection_t *c)
 
        owner = lookup_node(name);
 
+       if(tunnelserver && owner != myself && owner != c->node) {
+               /* in case of tunnelserver, ignore indirect subnet registrations */
+               ifdebug(PROTOCOL) logger(LOG_WARNING, _("Ignoring indirect %s from %s (%s) for %s"),
+                                  "ADD_SUBNET", c->name, c->hostname, subnetstr);
+               return true;
+       }
+
        if(!owner) {
                owner = new_node();
                owner->name = xstrdup(name);
                node_add(owner);
        }
 
-       if(tunnelserver && owner != myself && owner != c->node)
-               return false;
-
        /* Check if we already know this subnet */
 
        if(lookup_subnet(owner, &s))