Add support for multicast communication with UML/QEMU/KVM.

[oweals/tinc.git] / src / net_setup.c

diff --git a/src/net_setup.c b/src/net_setup.c
index 9f0fd888067db646e2a699562f82ccc4e55742c4..4b90737f3c68d4e8d43baf473e110f27ab2c4bf8 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,8 +1,9 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
+                  2010      Brandon Black <blblack@gmail.com>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -44,6 +45,7 @@
 #include "xalloc.h"
 
 char *myport;
+devops_t devops;
 
 bool read_rsa_public_key(connection_t *c) {
        FILE *fp;
@@ -112,11 +114,14 @@ bool read_rsa_public_key(connection_t *c) {
        xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
        fp = fopen(fname, "r");
 
-       if(fp) {
-               c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
-               fclose(fp);
+       if(!fp) {
+               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
+               free(fname);
+               return false;
        }
 
+       c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
+       fclose(fp);
        free(fname);
 
        if(c->rsa_key)
@@ -127,12 +132,15 @@ bool read_rsa_public_key(connection_t *c) {
        xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
        fp = fopen(fname, "r");
 
-       if(fp) {
-               c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
-//             RSA_blinding_on(c->rsa_key, NULL);
-               fclose(fp);
+       if(!fp) {
+               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
+               free(fname);
+               return false;
        }
 
+       c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
+//     RSA_blinding_on(c->rsa_key, NULL);
+       fclose(fp);
        free(fname);
 
        if(c->rsa_key)
@@ -143,7 +151,7 @@ bool read_rsa_public_key(connection_t *c) {
        return false;
 }
 
-bool read_rsa_private_key(void) {
+static bool read_rsa_private_key(void) {
        FILE *fp;
        char *fname, *key, *pubkey;
        struct stat s;
@@ -213,7 +221,6 @@ void load_all_subnets(void) {
        config_t *cfg;
        subnet_t *s, *s2;
        node_t *n;
-       bool result;
 
        xasprintf(&dname, "%s/hosts", confbase);
        dir = opendir(dname);
@@ -235,10 +242,9 @@ void load_all_subnets(void) {
 
                xasprintf(&fname, "%s/hosts/%s", confbase, ent->d_name);
                init_configuration(&config_tree);
-               result = read_config_file(config_tree, fname);
+               read_config_options(config_tree, ent->d_name);
+               read_config_file(config_tree, fname);
                free(fname);
-               if(!result)
-                       continue;
 
                if(!n) {
                        n = new_node();
@@ -266,16 +272,17 @@ void load_all_subnets(void) {
 /*
   Configure node_t myself and set up the local sockets (listen only)
 */
-bool setup_myself(void) {
+static bool setup_myself(void) {
        config_t *cfg;
        subnet_t *subnet;
-       char *name, *hostname, *mode, *afname, *cipher, *digest;
+       char *name, *hostname, *mode, *afname, *cipher, *digest, *type;
        char *fname = NULL;
        char *address = NULL;
        char *envp[5];
        struct addrinfo *ai, *aip, hint = {0};
        bool choice;
        int i, err;
+       int replaywin_int;
 
        myself = new_node();
        myself->connection = new_connection();
@@ -300,6 +307,7 @@ bool setup_myself(void) {
        myself->name = name;
        myself->connection->name = xstrdup(name);
        xasprintf(&fname, "%s/hosts/%s", confbase, name);
+       read_config_options(config_tree, name);
        read_config_file(config_tree, fname);
        free(fname);
 
@@ -346,6 +354,7 @@ bool setup_myself(void) {
        get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
        get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
        get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
+       get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
        strictsubnets |= tunnelserver;
 
        if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
@@ -387,6 +396,8 @@ bool setup_myself(void) {
                myself->options |= OPTION_CLAMP_MSS;
 
        get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
+       get_config_bool(lookup_config(config_tree, "DecrementTTL"), &decrement_ttl);
+       get_config_bool(lookup_config(config_tree, "Broadcast"), &broadcast);
 
 #if !defined(SOL_IP) || !defined(IP_TOS)
        if(priorityinheritance)
@@ -404,6 +415,28 @@ bool setup_myself(void) {
        } else
                maxtimeout = 900;
 
+       if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
+               if(udp_rcvbuf <= 0) {
+                       logger(LOG_ERR, "UDPRcvBuf cannot be negative!");
+                       return false;
+               }
+       }
+
+       if(get_config_int(lookup_config(config_tree, "UDPSndBuf"), &udp_sndbuf)) {
+               if(udp_sndbuf <= 0) {
+                       logger(LOG_ERR, "UDPSndBuf cannot be negative!");
+                       return false;
+               }
+       }
+
+       if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) {
+               if(replaywin_int < 0) {
+                       logger(LOG_ERR, "ReplayWindow cannot be negative!");
+                       return false;
+               }
+               replaywin = (unsigned)replaywin_int;
+       }
+
        if(get_config_string(lookup_config(config_tree, "AddressFamily"), &afname)) {
                if(!strcasecmp(afname, "IPv4"))
                        addressfamily = AF_INET;
@@ -508,7 +541,26 @@ bool setup_myself(void) {
 
        /* Open device */
 
-       if(!setup_device())
+       devops = os_devops;
+
+       if(get_config_string(lookup_config(config_tree, "DeviceType"), &type)) {
+               if(!strcasecmp(type, "dummy"))
+                       devops = dummy_devops;
+               else if(!strcasecmp(type, "raw_socket"))
+                       devops = raw_socket_devops;
+               else if(!strcasecmp(type, "multicast"))
+                       devops = multicast_devops;
+#ifdef ENABLE_UML
+               else if(!strcasecmp(type, "uml"))
+                       devops = uml_devops;
+#endif
+#ifdef ENABLE_VDE
+               else if(!strcasecmp(type, "vde"))
+                       devops = vde_devops;
+#endif
+       }
+
+       if(!devops.setup())
                return false;
 
        /* Run tinc-up script to further initialize the tap interface */
@@ -529,47 +581,71 @@ bool setup_myself(void) {
 
        /* Open sockets */
 
-       get_config_string(lookup_config(config_tree, "BindToAddress"), &address);
+       listen_sockets = 0;
+       cfg = lookup_config(config_tree, "BindToAddress");
 
-       hint.ai_family = addressfamily;
-       hint.ai_socktype = SOCK_STREAM;
-       hint.ai_protocol = IPPROTO_TCP;
-       hint.ai_flags = AI_PASSIVE;
+       do {
+               get_config_string(cfg, &address);
+               if(cfg)
+                       cfg = lookup_config_next(config_tree, cfg);
 
-       err = getaddrinfo(address, myport, &hint, &ai);
+               char *port = myport;
 
-       if(err || !ai) {
-               logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
-                          gai_strerror(err));
-               return false;
-       }
+               if(address) {
+                       char *space = strchr(address, ' ');
+                       if(space) {
+                               *space++ = 0;
+                               port = space;
+                       }
 
-       listen_sockets = 0;
+                       if(!strcmp(address, "*"))
+                               *address = 0;
+               }
 
-       for(aip = ai; aip; aip = aip->ai_next) {
-               listen_socket[listen_sockets].tcp =
-                       setup_listen_socket((sockaddr_t *) aip->ai_addr);
+               hint.ai_family = addressfamily;
+               hint.ai_socktype = SOCK_STREAM;
+               hint.ai_protocol = IPPROTO_TCP;
+               hint.ai_flags = AI_PASSIVE;
 
-               if(listen_socket[listen_sockets].tcp < 0)
-                       continue;
+               err = getaddrinfo(address && *address ? address : NULL, port, &hint, &ai);
+               free(address);
+
+               if(err || !ai) {
+                       logger(LOG_ERR, "System call `%s' failed: %s", "getaddrinfo",
+                                  gai_strerror(err));
+                       return false;
+               }
 
-               listen_socket[listen_sockets].udp =
-                       setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
+               for(aip = ai; aip; aip = aip->ai_next) {
+                       if(listen_sockets >= MAXSOCKETS) {
+                               logger(LOG_ERR, "Too many listening sockets");
+                               return false;
+                       }
 
-               if(listen_socket[listen_sockets].udp < 0)
-                       continue;
+                       listen_socket[listen_sockets].tcp =
+                               setup_listen_socket((sockaddr_t *) aip->ai_addr);
 
-               ifdebug(CONNECTIONS) {
-                       hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
-                       logger(LOG_NOTICE, "Listening on %s", hostname);
-                       free(hostname);
-               }
+                       if(listen_socket[listen_sockets].tcp < 0)
+                               continue;
 
-               memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
-               listen_sockets++;
-       }
+                       listen_socket[listen_sockets].udp =
+                               setup_vpn_in_socket((sockaddr_t *) aip->ai_addr);
+
+                       if(listen_socket[listen_sockets].udp < 0)
+                               continue;
+
+                       ifdebug(CONNECTIONS) {
+                               hostname = sockaddr2hostname((sockaddr_t *) aip->ai_addr);
+                               logger(LOG_NOTICE, "Listening on %s", hostname);
+                               free(hostname);
+                       }
+
+                       memcpy(&listen_socket[listen_sockets].sa, aip->ai_addr, aip->ai_addrlen);
+                       listen_sockets++;
+               }
 
-       freeaddrinfo(ai);
+               freeaddrinfo(ai);
+       } while(cfg);
 
        if(listen_sockets)
                logger(LOG_NOTICE, "Ready");
@@ -671,7 +747,7 @@ void close_network_connections(void) {
        for(i = 0; i < 4; i++)
                free(envp[i]);
 
-       close_device();
+       devops.close();
 
        return;
 }