along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: connection.h,v 1.1.2.37 2003/11/10 22:31:53 guus Exp $
+ $Id: connection.h,v 1.1.2.38 2003/11/17 15:30:16 guus Exp $
*/
#ifndef __TINC_CONNECTION_H__
int encryptout:1; /* 1 if we can encrypt outgoing traffic */
int decryptin:1; /* 1 if we have to decrypt incoming traffic */
int mst:1; /* 1 if this connection is part of a minimum spanning tree */
- int opaque:1; /* 1 if we do not forward information about other nodes */
- int strict:1; /* 1 if we strictly check edges and subnets received from this connection */
- int unused:18;
+ int unused:23;
} connection_status_t;
#include "edge.h"
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: meta.c,v 1.1.2.49 2003/11/10 22:31:53 guus Exp $
+ $Id: meta.c,v 1.1.2.50 2003/11/17 15:30:17 guus Exp $
*/
#include "system.h"
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
- if(c != from && c->status.active && !c->status.opaque)
+ if(c != from && c->status.active)
send_meta(c, buffer, length);
}
}
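Review bot: With the `!c->status.opaque` filter removed, this loop relays to every active connection except `from`, so isolation in tunnel-server mode now rests on each caller testing `tunnelserver` before it broadcasts. A call site that is missed, or one added later, would pass other nodes' topology to all clients with no central check to catch it. Document that contract on the function, for example `/* Sends to every active connection except 'from'; callers must check tunnelserver before relaying information about other nodes. */`. The function's opening lines are outside the hunk.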
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.200 2003/08/28 21:05:10 guus Exp $
+ $Id: net.c,v 1.35.4.201 2003/11/17 15:30:17 guus Exp $
*/
#include "system.h"
for(snode = n->subnet_tree->head; snode; snode = snext) {
snext = snode->next;
s = snode->data;
- send_del_subnet(broadcast, s);
+ if(!tunnelserver)
+ send_del_subnet(broadcast, s);
subnet_del(n, s);
}
for(enode = n->edge_tree->head; enode; enode = enext) {
enext = enode->next;
e = enode->data;
- send_del_edge(broadcast, e);
+ if(!tunnelserver)
+ send_del_edge(broadcast, e);
edge_del(e);
}
}
closesocket(c->socket);
if(c->edge) {
- if(report)
+ if(report && !tunnelserver)
send_del_edge(broadcast, c->edge);
edge_del(c->edge);
edge_t *e;
e = lookup_edge(c->node, myself);
if(e) {
- send_del_edge(broadcast, e);
+ if(!tunnelserver)
+ send_del_edge(broadcast, e);
edge_del(e);
}
}
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net_setup.c,v 1.1.2.45 2003/10/11 12:16:12 guus Exp $
+ $Id: net_setup.c,v 1.1.2.46 2003/11/17 15:30:17 guus Exp $
*/
#include "system.h"
if(myself->options & OPTION_TCPONLY)
myself->options |= OPTION_INDIRECT;
+ get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
+
if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
if(!strcasecmp(mode, "router"))
routing_mode = RMODE_ROUTER;
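Review bot: The return value of `get_config_bool` for `TunnelServer` is discarded, so a value that is present but cannot be parsed presumably leaves `tunnelserver` at its `false` default and the daemon starts in the normal, fully forwarding mode. For an option whose purpose is to restrict what peers can learn and announce, that is a fail-open outcome. Treat a set-but-invalid value as a startup error, e.g. with a local `config_t *cfg`: `cfg = lookup_config(config_tree, "TunnelServer"); if(cfg && !get_config_bool(cfg, &tunnelserver)) return false;`. This assumes the enclosing setup function reports failure by returning false; its body extends outside the hunk.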
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol.c,v 1.28.4.147 2003/08/28 21:05:10 guus Exp $
+ $Id: protocol.c,v 1.28.4.148 2003/11/17 15:30:17 guus Exp $
*/
#include "system.h"
#include "utils.h"
#include "xalloc.h"
+bool tunnelserver = false;
+
/* Jumptable for the request handlers */
static bool (*request_handlers[])(connection_t *) = {
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol.h,v 1.5.4.44 2003/07/30 21:52:41 guus Exp $
+ $Id: protocol.h,v 1.5.4.45 2003/11/17 15:30:18 guus Exp $
*/
#ifndef __TINC_PROTOCOL_H__
time_t firstseen;
} past_request_t;
+extern bool tunnelserver;
+
/* Maximum size of strings in a request */
#define MAX_STRING_SIZE 2048
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol_auth.c,v 1.1.4.29 2003/11/10 22:31:53 guus Exp $
+ $Id: protocol_auth.c,v 1.1.4.30 2003/11/17 15:30:18 guus Exp $
*/
#include "system.h"
if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY)
c->options |= OPTION_TCPONLY | OPTION_INDIRECT;
- choice = false;
- get_config_bool(lookup_config(config_tree, "Opaque"), &choice);
- get_config_bool(lookup_config(c->config_tree, "Opaque"), &choice);
- c->status.opaque = choice;
-
- if(c->status.opaque)
- c->options |= OPTION_INDIRECT;
-
- choice = false;
- get_config_bool(lookup_config(config_tree, "Strict"), &choice);
- get_config_bool(lookup_config(c->config_tree, "Strict"), &choice);
- c->status.strict = choice;
-
return send_request(c, "%d %s %d %lx", ACK, myport, c->estimated_weight, c->options);
}
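Review bot: Removing the `Opaque` and `Strict` lookups means a configuration that still sets them gets no isolation after an upgrade unless `TunnelServer` is added as well, and nothing in the new code reports that. Operators used those options to keep a peer from learning or injecting topology, so ignoring them silently widens trust; whether the config parser already warns about unknown keys is not visible here. Consider a startup warning when `lookup_config(config_tree, "Opaque")`, the per-host `lookup_config(c->config_tree, "Opaque")` or the `Strict` equivalents still return an entry, and name the replacement option in the release notes. The function containing this hunk begins outside it.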
/* Send all known subnets and edges */
+ if(tunnelserver) {
+ for(node = myself->subnet_tree->head; node; node = node->next) {
+ s = node->data;
+ send_add_subnet(c, s);
+ }
+
+ return;
+ }
+
for(node = node_tree->head; node; node = node->next) {
n = node->data;
/* Send him everything we know */
- if(!c->status.opaque)
- send_everything(c);
+ send_everything(c);
/* Create an edge_t for this connection */
/* Notify everyone of the new edge */
- if(c->status.opaque)
- send_add_edge(broadcast, c->edge);
- else
+ if(tunnelserver)
send_add_edge(c, c->edge);
+ else
+ send_add_edge(broadcast, c->edge);
/* Run MST and SSSP algorithms */
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol_edge.c,v 1.1.4.22 2003/11/10 22:31:53 guus Exp $
+ $Id: protocol_edge.c,v 1.1.4.23 2003/11/17 15:30:18 guus Exp $
*/
#include "system.h"
node_add(to);
}
- if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node)
+ if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
return false;
/* Convert addresses */
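Review bot: The `tunnelserver` reject at `return false` writes no log line, so an operator cannot tell a peer announcing edges for other nodes apart from an ordinary protocol error. The same silent `return false` appears in the second edge check further down this file, in the two new checks in protocol_key.c and in the owner checks in protocol_subnet.c. Log the request type, the sending connection and the offending node names before returning at these points, using the file's existing logging helper, since these rejects are the signal that a client is trying to inject or probe topology. It is also worth confirming that returning `false` (presumably a connection teardown in the caller, which is not visible on this page) is the intended response rather than ignoring the request. The handler starts and ends outside the hunk.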
/* Tell the rest about the new edge */
- if(!c->status.opaque)
+ if(!tunnelserver)
forward_request(c);
/* Run MST before or after we tell the rest? */
return true;
}
- if(c->status.opaque && from != myself && from != c->node && to != myself && to != c->node)
+ if(tunnelserver && from != myself && from != c->node && to != myself && to != c->node)
return false;
/* Check if edge exists */
/* Tell the rest about the deleted edge */
- if(!c->status.opaque)
+ if(!tunnelserver)
forward_request(c);
/* Delete the edge */
if(!to->status.reachable) {
e = lookup_edge(to, myself);
if(e) {
- send_del_edge(broadcast, e);
+ if(!tunnelserver)
+ send_del_edge(broadcast, e);
edge_del(e);
}
}
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol_key.c,v 1.1.4.23 2003/10/11 12:16:13 guus Exp $
+ $Id: protocol_key.c,v 1.1.4.24 2003/11/17 15:30:18 guus Exp $
*/
#include "system.h"
/* Tell the others */
- forward_request(c);
+ if(!tunnelserver)
+ forward_request(c);
return true;
}
memset(from->late, 0, sizeof(from->late));
send_ans_key(c, myself, from);
} else {
+ if(tunnelserver)
+ return false;
+
send_req_key(to->nexthop->connection, from, to);
}
/* Forward it if necessary */
if(to != myself) {
+ if(tunnelserver)
+ return false;
+
return send_request(to->nexthop->connection, "%s", c->buffer);
}
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol_subnet.c,v 1.1.4.16 2003/11/10 22:31:53 guus Exp $
+ $Id: protocol_subnet.c,v 1.1.4.17 2003/11/17 15:30:18 guus Exp $
*/
#include "system.h"
node_add(owner);
}
- if(c->status.opaque && owner != myself && owner != c->node)
+ if(tunnelserver && owner != myself && owner != c->node)
return false;
/* Check if we already know this subnet */
return true;
}
+ /* In tunnel server mode, check if the subnet matches one in the config file of this node */
+
+ if(tunnelserver) {
+ config_t *cfg;
+ subnet_t *allowed;
+
+ for(cfg = lookup_config(c->config_tree, "Subnet"); cfg; cfg = lookup_config_next(c->config_tree, cfg)) {
+ if(!get_config_subnet(cfg, &allowed))
+ return false;
+
+ if(!subnet_compare(s, allowed))
+ break;
+
+ free_subnet(allowed);
+ }
+
+ if(!cfg)
+ return false;
+
+ free_subnet(allowed);
+ }
+
/* If everything is correct, add the subnet to the list of the owner */
subnet_add(owner, s);
/* Tell the rest */
- if(!c->status.opaque)
+ if(!tunnelserver)
forward_request(c);
return true;
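Review bot: The allow-list check in the `if(tunnelserver)` block passes `allowed`, fresh from `get_config_subnet`, to `subnet_compare` before `subnet_add(owner, s)` has run, so neither subnet appears to have an owner set at that point. The context line just above `subnet_compare` in subnet.c ends a comparison helper with `strcmp(a->owner->name, b->owner->name)`; if `subnet_compare` reaches that code when address and prefix match, the authorised case would dereference an unset owner and take the daemon down. That path deserves a test and a guard such as `if(!a->owner || !b->owner) return 0;` ahead of the `strcmp`. Separately, both `return false` exits in the block skip releasing `s`; if `s` was allocated earlier in the handler (outside this hunk), add `free_subnet(s);` before each. The enclosing handler starts and ends outside the hunk.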
return true;
}
- if(c->status.opaque && owner != myself && owner != c->node)
+ if(tunnelserver && owner != myself && owner != c->node)
return false;
/* Check if subnet string is valid */
/* Tell the rest */
- if(!c->status.opaque)
+ if(!tunnelserver)
forward_request(c);
/* Finally, delete it. */
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: subnet.c,v 1.1.2.50 2003/08/28 21:05:11 guus Exp $
+ $Id: subnet.c,v 1.1.2.51 2003/11/17 15:30:18 guus Exp $
*/
#include "system.h"
return strcmp(a->owner->name, b->owner->name);
}
-static int subnet_compare(const subnet_t *a, const subnet_t *b)
+int subnet_compare(const subnet_t *a, const subnet_t *b)
{
int result;
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: subnet.h,v 1.1.2.25 2003/10/06 14:33:04 guus Exp $
+ $Id: subnet.h,v 1.1.2.26 2003/11/17 15:30:18 guus Exp $
*/
#ifndef __TINC_SUBNET_H__
} net;
} subnet_t;
+extern int subnet_compare(const struct subnet_t *, const struct subnet_t *);
extern subnet_t *new_subnet(void) __attribute__ ((__malloc__));
extern void free_subnet(subnet_t *);
extern void init_subnets(void);