- Lots of FIXME comments added to the source code.
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include <sys/types.h>
+#include <ctype.h>
+
#include "config.h"
#include <utils.h>
volatile int cp_line;
volatile char *cp_file;
+char *charbin2hex = "0123456789ABCDEF";
+
+int charhex2bin(char c)
+{
+ if(isdigit(c))
+ return c - '0';
+ else
+ return tolower(c) - 'a' + 10;
+}
+
+void hex2bin(char *src, char *dst, size_t length)
+{
+ size_t i;
+ for(i=0; i<length; i++)
+ dst[i] = charhex2bin(src[i*2])<<4 || charhex2bin(src[i*2+1]);
+}
+
+void bin2hex(char *src, char *dst, size_t length)
+{
+ size_t i;
+ for(i=length-1; i>=0; i--)
+ {
+ dst[i*2+1] = charbin2hex[src[i] & 15];
+ dst[i*2] = charbin2hex[src[i]>>4];
+ }
+}
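Review bot: `hex2bin` combines the two nibbles with the logical `||` instead of the bitwise `|`, so every output byte is 0 or 1 and the packet key decoded in ans_key_h is destroyed. `bin2hex` loops `for(i=length-1; i>=0; i--)` on a `size_t`, which can never be negative, so after index 0 it wraps to SIZE_MAX and writes far out of bounds; and `src[i]>>4` on a plain (possibly signed) `char` gives a negative index into `charbin2hex` for bytes >= 0x80. `charhex2bin` accepts any character (passing a possibly negative `char` to `isdigit`/`tolower` is undefined) and silently turns non-hex input such as a malformed peer-supplied key into garbage, so it should reject non-hex digits and `hex2bin` should report that to its caller. The rewrite below keeps bin2hex's back-to-front order, which is what lets `dst` alias `src`, makes `charbin2hex` `static const`, and has `hex2bin` return -1 on bad input, which also needs the utils.h prototype updated.

```c
static const char charbin2hex[] = "0123456789ABCDEF";

/* Value of one hex digit, or -1 if c is not a hex digit. c is an unsigned char value. */
static int charhex2bin(int c)
{
  if(!isxdigit(c))
    return -1;
  if(isdigit(c))
    return c - '0';
  return tolower(c) - 'a' + 10;
}

/* Decodes 2*length hex digits from src into length bytes at dst (dst may alias src).
   Returns 0 on success, -1 if any input character is not a hex digit. */
int hex2bin(const char *src, char *dst, size_t length)
{
  size_t i;
  for(i = 0; i < length; i++)
  {
    int hi = charhex2bin((unsigned char)src[i*2]);
    int lo = charhex2bin((unsigned char)src[i*2+1]);
    if(hi < 0 || lo < 0)
      return -1;
    dst[i] = (char)((hi << 4) | lo);
  }
  return 0;
}

/* Encodes length bytes from src as 2*length hex digits at dst (no terminator).
   Walks from the end so that dst may alias src. */
void bin2hex(const char *src, char *dst, size_t length)
{
  size_t i;
  for(i = length; i > 0; i--)
  {
    unsigned char b = (unsigned char)src[i-1];
    dst[(i-1)*2+1] = charbin2hex[b & 15];
    dst[(i-1)*2] = charbin2hex[b >> 4];
  }
}
```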
#ifndef __TINC_UTILS_H__
#define __TINC_UTILS_H__
+#include <ctype.h>
+
enum {
DEBUG_CONNECTIONS = 0,
DEBUG_PROTOCOL,
extern volatile int cp_line;
extern volatile char *cp_file;
+extern void hex2bin(char *src, char *dst, size_t length);
+extern void bin2hex(char *src, char *dst, size_t length);
+
#endif /* __TINC_UTILS_H__ */
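Review bot: The new prototypes use `size_t`, but the header only adds `<ctype.h>`, which does not declare it; the header needs `#include <stddef.h>` (or `<sys/types.h>`), while `<ctype.h>` is only used by utils.c and can stay there. Both `src` parameters are read-only and should be declared `const char *src`. A one-line contract would help callers size their buffers correctly, e.g. `/* src holds 2*length hex digits and dst receives length bytes (hex2bin), or vice versa (bin2hex); dst may alias src, no terminator is written */`.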
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: conf.c,v 1.9.4.12 2000/10/11 22:00:57 guus Exp $
+ $Id: conf.c,v 1.9.4.13 2000/10/14 17:04:12 guus Exp $
*/
#include <utils.h> /* for cp */
#include "config.h"
-
+#include "connlist.h"
#include "system.h"
config_t *config;
int debug_lvl = 0;
int timeout = 0; /* seconds before timeout */
-char *configfilename = NULL;
+char *confbase = NULL; /* directory in which all config files are */
/* Will be set if HUP signal is received. It will be processed when it is safe. */
int sighup = 0;
return err;
}
+int read_server_config()
+{
+ char *fname;
+ int x;
+cp
+ asprintf(fname, "%s/tinc.conf", confbase);
+ x = read_config_file(&config, fname);
+ free(fname);
+cp
+ return x;
+}
+
/*
Look up the value of the config option type
*/
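Review bot: `asprintf(fname, "%s/tinc.conf", confbase)` passes the uninitialised `char *fname` by value where `asprintf` needs a `char **`; the pointer is then handed to read_config_file and freed, so this is undefined behaviour on every start. It should be `if(asprintf(&fname, "%s/tinc.conf", confbase) < 0) return -1;`, which also covers the allocation-failure case where the pointer is left indeterminate. `confbase` is dereferenced unconditionally; it is set in make_names() before this is called in tincd.c, so a short comment such as `/* Requires confbase to be set (make_names) */` would document that ordering.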
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: conf.h,v 1.6.4.11 2000/10/11 22:00:58 guus Exp $
+ $Id: conf.h,v 1.6.4.12 2000/10/14 17:04:13 guus Exp $
*/
#ifndef __TINC_CONF_H__
extern int timeout;
extern int upstreamindex;
extern int sighup;
-extern char *configfilename;
+extern char *confbase;
extern config_t *add_config_val(config_t **, int, char *);
extern int read_config_file(config_t **, const char *);
extern const config_t *get_config_val(config_t *, which_t type);
extern const config_t *get_next_config_val(config_t *, which_t type, int);
extern void clear_config();
+extern int read_server_config(void);
#endif /* __TINC_CONF_H__ */
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: connlist.c,v 1.1.2.2 2000/10/11 22:00:58 guus Exp $
+ $Id: connlist.c,v 1.1.2.3 2000/10/14 17:04:13 guus Exp $
*/
#include <syslog.h>
+#include "net.h" /* Don't ask. */
#include "config.h"
+#include "conf.h"
#include <utils.h>
-#include "net.h" /* Don't ask. */
+#include "system.h"
/* Root of the connection list */
free(p->name);
if(p->hostname)
free(p->hostname);
- free_key(p->public_key);
- free_key(p->datakey);
+ if(p->public_key)
+ RSA_free(p->public_key);
+ if(p->cipher_pktkey)
+ free(p->cipher_pktkey);
free(p);
cp
}
else
conn_list = next;
- free_conn_element(p);
+ free_conn_list(p);
}
else
prev = p;
for(p = conn_list; p != NULL; )
{
next = p->next;
- free_conn_element(p);
+ free_conn_list(p);
p = next;
}
syslog(LOG_DEBUG, _("End of connection list."));
cp
}
+
+int read_host_config(conn_list_t *cl)
+{
+ char *fname;
+ int x;
+cp
+ asprintf(fname, "%s/hosts/%s", confbase, cl->name);
+ x = read_config_file(&cl->config, fname);
+ free(fname);
+cp
+ return x;
+}
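Review bot: `asprintf(fname, "%s/hosts/%s", confbase, cl->name)` has the same missing `&` as read_server_config: the uninitialised pointer is passed by value, then used and freed; it should be `if(asprintf(&fname, "%s/hosts/%s", confbase, cl->name) < 0) return -1;`. Because `cl->name` becomes a path component here, the function should state that the caller must have validated it with check_id first (net.c does so for myself; for names received from peers the check is not visible in this diff, and an unvalidated name containing `/` or `..` would let a peer choose which file gets read): `/* cl->name must have passed check_id(): it is used verbatim as a path component */`. In free_conn_list above, `cipher_pktkey` is key material and is passed straight to free; it should be wiped first, which needs its length recorded alongside it, and the EVP_CIPHER_CTX fields are not released there at all, though I cannot see where they are allocated.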
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: connlist.h,v 1.1.2.2 2000/10/11 22:00:58 guus Exp $
+ $Id: connlist.h,v 1.1.2.3 2000/10/14 17:04:13 guus Exp $
*/
#ifndef __TINC_CONNLIST_H__
#define __TINC_CONNLIST_H__
#include <openssl/evp.h>
+#include <openssl/rsa.h>
#include "net.h"
#include "conf.h"
packet_queue_t *sq; /* pending outgoing packets */
packet_queue_t *rq; /* pending incoming packets (they have no
valid key to be decrypted with) */
- enc_key_t *public_key; /* the other party's public key */
- enc_key_t *datakey; /* encrypt data packets with this key */
- enc_key_t *rsakey;
+ RSA *public_key; /* the other party's public key */
EVP_CIPHER_CTX *cipher_inctx; /* Context of encrypted meta data that will come from him to us */
EVP_CIPHER_CTX *cipher_outctx; /* Context of encrypted meta data that will be sent from us to him */
EVP_CIPHER_CTX *cipher_pktctx; /* Context of encrypted vpn packets that will be sent to him */
EVP_CIPHER *cipher_pkttype; /* Cipher type for encrypted vpn packets */
char *cipher_pktkey; /* Cipher key */
- char *cipher_pktiv; /* Cipher input vector */
char *buffer; /* metadata input buffer */
int buflen; /* bytes read into buffer */
extern conn_list_t *lookup_conn_list_ipv4(ipv4_t);
extern conn_list_t *lookup_conn_list_ipv6(ipv6_t);
extern void dump_conn_list(void);
+extern int read_host_config(conn_list_t *);
#endif /* __TINC_CONNLIST_H__ */
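Review bot: `char *cipher_pktkey` needs a comment saying what it holds: net.c now passes it to EVP_EncryptInit/EVP_DecryptInit as raw key bytes, while protocol.c still hands it to `BF_set_key`, which expects a `BF_KEY *`, so the two users disagree about its type. If it is raw bytes, its length has to travel with it so it can be wiped before free and checked against the key size `cipher_pkttype` expects; suggest `char *cipher_pktkey; /* raw key bytes for cipher_pkttype, cipher_pktkeylength long; wiped before free */` plus an `int cipher_pktkeylength;`. Removing `cipher_pktiv` also leaves no record of where the IV for `cipher_pktctx` comes from now that net.c passes NULL, and that should be noted on `cipher_pktctx`.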
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.34 2000/10/11 22:00:58 guus Exp $
+ $Id: net.c,v 1.35.4.35 2000/10/14 17:04:13 guus Exp $
*/
#include "config.h"
int upstreamindex = 0;
static int seconds_till_retry;
-/* The global list of existing connections */
-conn_list_t *conn_list = NULL;
-conn_list_t *myself = NULL;
-
/*
strip off the MAC adresses of an ethernet frame
*/
int outlen, outpad;
cp
outpkt.len = inpkt->len;
- EVP_EncryptInit(cl->cipher_pktctx, cl->cipher_pkttype, cl->cipher_pktkey, cl->cipher_pktiv);
+ EVP_EncryptInit(cl->cipher_pktctx, cl->cipher_pkttype, cl->cipher_pktkey, NULL);
EVP_EncryptUpdate(cl->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
EVP_EncryptFinal(cl->cipher_pktctx, outpkt.data + outlen, &outpad);
outlen += outpad;
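Review bot: Passing `NULL` as the IV to `EVP_EncryptInit` (and to the matching `EVP_DecryptInit` further down) means each packet is encrypted under the same key with whatever IV the context already holds; since the context is re-initialised here for every packet, that is the same IV every time, and for a freshly initialised context it is all zeros. With a CBC-mode cipher that makes encryption deterministic: packets with equal prefixes yield equal ciphertext, which leaks traffic structure and is the classic IV-reuse weakness. The usual fix is a fresh random IV per packet carried with the packet (prepended to outpkt.data and read back before `EVP_DecryptInit` on the receiving side); until that exists the line should carry `/* FIXME: NULL IV => the same (zero) IV is reused for every packet; needs a per-packet IV */`. The enclosing function starts and ends outside the hunk.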
inpkt->len);
outpkt.len = inpkt->len;
- EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, myself->cipher_pktiv);
+ EVP_DecryptInit(myself->cipher_pktctx, myself->cipher_pkttype, myself->cipher_pktkey, NULL);
EVP_DecryptUpdate(myself->cipher_pktctx, outpkt.data, &outlen, inpkt->data, inpkt->len);
/* FIXME: grok DecryptFinal
EVP_DecryptFinal(myself->cipher_pktctx, outpkt.data + outlen, &outpad);
/* FIXME - check for indirection and reprogram it The Right Way(tm) this time. */
- if(my_key_expiry <= time(NULL))
- regenerate_keys();
-
if(!cl->status.dataopen)
if(setup_vpn_connection(cl) < 0)
{
{
syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
ncn->hostname);
- free_conn_element(ncn);
+ free_conn_list(ncn);
return -1;
}
cp
myself = new_conn_list();
- myself->hostname = "MYSELF"; /* FIXME? */
+ asprintf(&myself->hostname, "MYSELF"); /* FIXME? Do hostlookup on ourselves? */
myself->flags = 0;
if(!(cfg = get_config_val(config, tincname))) /* Not acceptable */
}
else
myself->name = (char*)cfg->data.val;
+
+ if(check_id(myself->name))
+ {
+ syslog(LOG_ERR, _("Invalid name for myself!"));
+ return -1;
+ }
+
+ if(read_host_config(myself))
+ {
+ syslog(LOG_ERR, _("Cannot open host configuration file for myself!"));
+ return -1;
+ }
- if(!(cfg = get_config_val(myself, port)))
+ if(!(cfg = get_config_val(myself->config, port)))
myself->port = 655;
else
myself->port = cfg->data.val;
- if((cfg = get_config_val(config, indirectdata)))
+ if((cfg = get_config_val(myself->config, indirectdata)))
if(cfg->data.val == stupid_true)
myself->flags |= EXPORTINDIRECTDATA;
- if((cfg = get_config_val(config, tcponly)))
+ if((cfg = get_config_val(myself->config, tcponly)))
if(cfg->data.val == stupid_true)
myself->flags |= TCPONLY;
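Review bot: The order of the two new checks is load-bearing and should be documented: `check_id(myself->name)` must run before `read_host_config(myself)` because the name is then used as a path component in `hosts/<name>`. Suggest `/* Validate the name first: read_host_config() uses it verbatim as a path component */` above the check_id call. The log messages on failure do not include the name or the path that was rejected, which makes a misconfigured node hard to diagnose; `_("Invalid name for myself: %s")` with `myself->name` would help. The enclosing function starts and ends outside the hunk.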
syslog(LOG_NOTICE, _("Connection from %s port %d"),
p->hostname, htons(ci.sin_port));
- if(send_basic_info(p) < 0)
+ if(send_id(p) < 0)
{
- free_conn_element(p);
+ free_conn_list(p);
return NULL;
}
cp
if(debug_lvl > 0)
syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
cl->name, cl->hostname);
-
- if(cl->status.timeout)
- send_timeout(cl);
-/* else if(!cl->status.termreq)
- send_termreq(cl);
- */
if(cl->socket)
close(cl->socket);
cl->status.remove = 1;
/* If this cl isn't active, don't send any DEL_HOSTs. */
+
+/* FIXME: reprogram this.
if(cl->status.active)
notify_others(cl,NULL,send_del_host);
+*/
cp
/* Find all connections that were lost because they were behind cl
if((p->nexthop == cl) && (p != cl))
{
if(cl->status.active && p->status.active)
+/* FIXME: reprogram this
notify_others(p,cl,send_del_host);
+*/;
if(cl->socket)
close(cl->socket);
p->status.active = 0;
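Review bot: `+*/;` leaves the `if(cl->status.active && p->status.active)` two lines above with a bare `;` as its body, which reads as though the commented-out call were still the body; write it as an explicit empty block so the intent is unambiguous, e.g. `{ /* FIXME: reprogram notify_others(p, cl, send_del_host) */ }`. The loop body that follows still does `if(cl->socket) close(cl->socket);` for every connection behind `cl`, although `cl->socket` was already closed earlier in this function and is never reset; that is pre-existing, but a repeated close can hit a descriptor that has since been reused by another connection, so either this was meant to be `p->socket`, or `cl->socket` should be zeroed after the first close. The enclosing function starts outside the hunk.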
if(sighup)
{
sighup = 0;
+/* FIXME: reprogram this.
if(debug_lvl > 1)
syslog(LOG_INFO, _("Rereading configuration file"));
close_network_connections();
}
sleep(5);
setup_network_connections();
+*/
continue;
}
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.h,v 1.9.4.15 2000/10/11 22:01:00 guus Exp $
+ $Id: net.h,v 1.9.4.16 2000/10/14 17:04:15 guus Exp $
*/
#ifndef __TINC_NET_H__
#include <sys/time.h>
#include "config.h"
-#include "conf.h"
#define MAXSIZE 1700 /* should be a bit more than the MTU for the tapdevice */
#define MTU 1600
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: protocol.c,v 1.28.4.38 2000/10/11 22:01:00 guus Exp $
+ $Id: protocol.c,v 1.28.4.39 2000/10/14 17:04:15 guus Exp $
*/
#include "config.h"
/* Exchange information about other tinc daemons */
+/* FIXME: reprogram this.
notify_others(cl, NULL, send_add_host);
notify_one(cl);
-
+*/
upstreamindex = 0;
cp
conn_list_add(conn_list, new);
/* Tell the rest about the new host */
-
+/* FIXME: reprogram this.
notify_others(new, cl, send_add_host);
-
+*/
cp
return 0;
}
if(!strcmp(to_id, myself->name))
{
- send_ans_key(myself, from, myself->datakey->key);
+ send_ans_key(myself, from, myself->cipher_pktkey);
}
else
{
return 0;
}
-int send_ans_key(conn_list_t *from, conn_list_t *to, char *datakey)
+int send_ans_key(conn_list_t *from, conn_list_t *to, char *pktkey)
{
cp
return send_request(to->nexthop, "%d %s %s %s", ANS_KEY,
- from->name, to->name, datakey);
+ from->name, to->name, pktkey);
}
int ans_key_h(conn_list_t *cl)
{
- char *from_id, *to_id, *datakey;
+ char *from_id, *to_id, *pktkey;
int keylength;
conn_list_t *from, *to;
cp
- if(sscanf(cl->buffer, "%*d %as %as %as", &from_id, &to_id, &datakey) != 3)
+ if(sscanf(cl->buffer, "%*d %as %as %as", &from_id, &to_id, &pktkey) != 3)
{
syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s)"),
cl->name, cl->hostname);
{
syslog(LOG_ERR, _("Got ANS_KEY from %s (%s) origin %s which does not exist in our connection list"),
cl->name, cl->hostname, from_id);
- free(from_id); free(to_id); free(datakey);
+ free(from_id); free(to_id); free(pktkey);
return -1;
}
{
/* It is for us, convert it to binary and set the key with it. */
- keylength = strlen(datakey);
+ keylength = strlen(pktkey);
if((keylength%2) || (keylength <= 0))
{
syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s) origin %s: invalid key"),
cl->name, cl->hostname, from->name);
- free(from_id); free(to_id); free(datakey);
+ free(from_id); free(to_id); free(pktkey);
return -1;
}
keylength /= 2;
- hex2bin(datakey, datakey, keylength);
- BF_set_key(cl->datakey, keylength, datakey);
+ hex2bin(pktkey, pktkey, keylength);
+ BF_set_key(cl->cipher_pktkey, keylength, pktkey);
}
else
{
{
syslog(LOG_ERR, _("Got ANS_KEY from %s (%s) destination %s which does not exist in our connection list"),
cl->name, cl->hostname, to_id);
- free(from_id); free(to_id); free(datakey);
+ free(from_id); free(to_id); free(pktkey);
return -1;
}
- send_ans_key(from, to, datakey);
+ send_ans_key(from, to, pktkey);
}
- free(from_id); free(to_id); free(datakey);
+ free(from_id); free(to_id); free(pktkey);
cp
return 0;
}
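Review bot: `BF_set_key(cl->cipher_pktkey, keylength, pktkey)` passes a `char *` where `BF_set_key` expects a `BF_KEY *`, and nothing in this path allocates `cipher_pktkey`, so it either fails to compile cleanly or writes a Blowfish key schedule through a NULL or stale pointer; now that net.c treats `cipher_pktkey` as raw key bytes for the EVP cipher, the decoded bytes should be copied into that buffer instead. The key is also stored on `cl`, the neighbour that relayed the answer, rather than on `from`, the origin whose key it is, which looks wrong for decrypting `from`'s packets later, but that was already so before this change and deserves confirmation. The string comes from a peer and is only length-checked, so a non-hex character silently decodes to garbage; check it with `isxdigit` before `hex2bin`, and wipe the hex string before freeing it since it holds key material. The rewritten branch below assumes an `int i;` local, an `int cipher_pktkeylength` field in conn_list_t to record the length, and `xmalloc` as used elsewhere in the tree; the function's opening lines are above the hunk.

```c
    /* It is for us, convert it to binary and set the key with it. */
    keylength = strlen(pktkey);
    for(i = 0; i < keylength && isxdigit((unsigned char)pktkey[i]); i++)
      ;
    if(i < keylength || (keylength%2) || (keylength <= 0))
    {
      syslog(LOG_ERR, _("Got bad ANS_KEY from %s (%s) origin %s: invalid key"),
        cl->name, cl->hostname, from->name);
      free(from_id); free(to_id); free(pktkey);
      return -1;
    }
    keylength /= 2;
    hex2bin(pktkey, pktkey, keylength);
    /* Key material: wipe and replace any previous key, remember the length so it can be wiped later */
    if(from->cipher_pktkey)
    {
      memset(from->cipher_pktkey, 0, from->cipher_pktkeylength);
      free(from->cipher_pktkey);
    }
    from->cipher_pktkey = xmalloc(keylength);
    memcpy(from->cipher_pktkey, pktkey, keylength);
    from->cipher_pktkeylength = keylength;
    memset(pktkey, 0, 2*keylength);
```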
"ADD_SUBNET", "DEL_SUBNET",
"KEY_CHANGED", "REQ_KEY", "ANS_KEY",
};
+
+/* Status strings */
+
+char (*status_text[]) = {
+ "FIXME: status text",
+};
+
+/* Error strings */
+
+char (*error_text[]) = {
+ "FIXME: error text",
+};
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: tincd.c,v 1.10.4.10 2000/10/11 22:01:02 guus Exp $
+ $Id: tincd.c,v 1.10.4.11 2000/10/14 17:04:16 guus Exp $
*/
#include "config.h"
/* If zero, don't detach from the terminal. */
static int do_detach = 1;
-char *confbase = NULL; /* directory in which all config files are */
-/* char *configfilename = NULL; /* configuration file name, moved to config.c */
char *identname; /* program name for syslog */
char *netname = NULL; /* name of the vpn network */
char *pidfilename; /* pid file location */
else
{
printf(_("Usage: %s [option]...\n\n"), program_name);
- printf(_(" -c, --config=FILE Read configuration options from FILE.\n"
+ printf(_(" -c, --config=DIR Read configuration options from DIR.\n"
" -D, --no-detach Don't fork and detach.\n"
" -d Increase debug level.\n"
" -k, --kill Attempt to kill a running tincd and exit.\n"
case 0: /* long option */
break;
case 'c': /* config file */
- configfilename = xmalloc(strlen(optarg)+1);
- strcpy(configfilename, optarg);
+ confbase = xmalloc(strlen(optarg)+1);
+ strcpy(confbase, optarg);
break;
case 'D': /* no detach */
do_detach = 0;
*/
void make_names(void)
{
- if(!configfilename)
- {
- if(netname)
- {
- asprintf(&configfilename, "%s/tinc/%s/tinc.conf", CONFDIR, netname);
- }
- else
- {
- asprintf(&configfilename, "%s/tinc/tinc.conf", CONFDIR);
- }
- }
-
if(netname)
{
- asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
- asprintf(&confbase, "%s/tinc/%s/", CONFDIR, netname);
- asprintf(&identname, "tinc.%s", netname);
+ if(!pidfilename)
+ asprintf(&pidfilename, "/var/run/tinc.%s.pid", netname);
+ if(!confbase)
+ asprintf(&confbase, "%s/tinc/%s", CONFDIR, netname);
+ if(!identname)
+ asprintf(&identname, "tinc.%s", netname);
}
else
{
- pidfilename = "/var/run/tinc.pid";
- asprintf(&confbase, "%s/tinc/", CONFDIR);
- identname = "tinc";
+ if(!pidfilename)
+ pidfilename = "/var/run/tinc.pid";
+ if(!confbase)
+ asprintf(&confbase, "%s/tinc", CONFDIR);
+ if(!identname)
+ identname = "tinc";
}
}
if(kill_tincd)
exit(kill_other());
- if(read_config_file(&config, configfilename))
+ if(read_server_config())
return 1;
setup_signals();
if(detach())
exit(0);
+/* FIXME: wt* is this suppose to do?
if(security_init())
return 1;
-
+*/
for(;;)
{
setup_network_connections();
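Review bot: Commenting out `security_init()` removes whatever setup it performed before the daemon starts handling connections and key material, and the FIXME shows nobody knows what that was; I cannot see its body in this diff, so please confirm that nothing key generation or the RSA code relies on (for example PRNG seeding or dropping privileges) happened there, and then either restore the call or delete it outright rather than shipping it as dead code. A failed `read_server_config()` returns 1 without any message at this level; if read_config_file does not log the path it failed on, a `syslog(LOG_ERR, ...)` naming `confbase` here would make a bad `-c DIR` diagnosable. The enclosing main() continues past the hunk.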
{
if(debug_lvl > 1)
syslog(LOG_NOTICE, _("Got USR2 signal, forcing new key generation"));
+/* FIXME: reprogram this.
regenerate_keys();
+*/
}
RETSIGTYPE