[ViewVC] Diff of: cvs/gvpe/src/conf.C

Comparing gvpe/src/conf.C (file contents):
Revision 1.59 by root, Tue Dec 4 10:29:43 2012 UTC vs.
Revision 1.67 by root, Thu Oct 25 04:32:27 2018 UTC

 /*
     conf.C -- configuration code
-    Copyright (C) 2003-2008,2011 Marc Lehmann <gvpe@schmorp.de>
+    Copyright (C) 2003-2008,2011,2018 Marc Lehmann <gvpe@schmorp.de>
     This file is part of GVPE.
     GVPE is free software; you can redistribute it and/or modify it
     under the terms of the GNU General Public License as published by the
   dns_send_interval   = DEFAULT_DNS_SEND_INTERVAL;
   dns_overlap_factor  = DEFAULT_DNS_OVERLAP_FACTOR;
   dns_max_outstanding = DEFAULT_DNS_MAX_OUTSTANDING;
 #endif
-  conf.pidfilename = strdup (LOCALSTATEDIR "/run/gvpe.pid");
+  pidfilename   = strdup (LOCALSTATEDIR "/run/gvpe.pid");
+  seed_dev      = strdup ("/dev/urandom");
+  reseed        = DEFAULT_RESEED;
 }
 void
 configuration::cleanup ()
 {
   if (rsa_key)
     RSA_free (rsa_key);
   rsa_key = 0;
+  free (seed_dev);           seed_dev           = 0;
   free (pidfilename);        pidfilename        = 0;
   free (ifname);             ifname             = 0;
 #if ENABLE_HTTP_PROXY
   free (proxy_host);         proxy_host         = 0;
   free (proxy_auth);         proxy_auth         = 0;
   nodes.clear ();
   cleanup ();
   init ();
+}
+conf_node *
+configuration::find_node (const char *name)
+{
+  for (configuration::node_vector::iterator i = conf.nodes.begin(); i != conf.nodes.end(); ++i)
+    if (!strcmp ((*i)->nodename, name))
+      return *i;
+  return 0;
 }
 //static bool
 //is_true (const char *name)
 //{
 configuration_parser::parse_line (char *line)
 {
   {
     char *end = line + strlen (line);
-    while (*end < ' ' && end >= line)
+    while (end >= line && *end < ' ')
       end--;
     *++end = 0;
   }
   if (!var || !var[0])
     return 0;		/* no tokens on this line */
   if (var[0] == '#')
     return 0;		/* comment: ignore */
+  if (!strcmp (var, "global"))
+    {
+      node = &conf.default_node;
+      return 0;
+    }
   char *val = strtok (NULL, "\t\n\r =");
   if (!val || val[0] == '#')
     return _("no value given for variable, ignored");
       loglevel l = string_to_loglevel (val);
       if (l == L_NONE)
         return _("unknown loglevel, ignored");
     }
+  else if (!strcmp (var, "serial"))
+    strncpy (conf.serial, val, sizeof (conf.serial));
   else if (!strcmp (var, "ip-proto"))
     conf.ip_proto = atoi (val);
   else if (!strcmp (var, "icmp-type"))
     {
 #if ENABLE_ICMP
     free (conf.change_root), conf.change_root = strdup (val);
   // per node
   else if (!strcmp (var, "node"))
     {
-      parse_argv ();
+      node = conf.find_node (val);
+      if (!node)
+        {
-      conf.default_node.id++;
+          conf.default_node.id++;
-      node = new conf_node (conf.default_node);
+          node = new conf_node (conf.default_node);
-      conf.nodes.push_back (node);
+          conf.nodes.push_back (node);
-      node->nodename = strdup (val);
+          node->nodename = strdup (val);
-      {
-        char *fname;
-        FILE *f;
-        asprintf (&fname, "%s/pubkey/%s", confbase, node->nodename);
-        f = fopen (fname, "r");
-        if (f)
-          {
-            node->rsa_key = RSA_new ();
-            if (!PEM_read_RSAPublicKey(f, &node->rsa_key, NULL, NULL))
-              {
-                ERR_load_RSA_strings (); ERR_load_PEM_strings ();
-                slog (L_ERR, _("unable to open public rsa key file '%s': %s"), fname, ERR_error_string (ERR_get_error (), 0));
-                exit (EXIT_FAILURE);
-              }
-            require (RSA_blinding_on (node->rsa_key, 0));
-            fclose (f);
-          }
+        }
-        else
-          {
-            slog (need_keys ? L_ERR : L_NOTICE, _("unable to read public rsa key file '%s': %s"), fname, strerror (errno));
-            if (need_keys)
-              exit (EXIT_FAILURE);
-          }
-        free (fname);
-      }
-      if (::thisnode && !strcmp (node->nodename, ::thisnode))
-        conf.thisnode = node;
     }
   else if (!strcmp (var, "private-key"))
     free (conf.prikeyfile), conf.prikeyfile = strdup (val);
   else if (!strcmp (var, "ifpersist"))
     parse_bool (conf.ifpersist, "ifpersist", true, false);
     conf.keepalive = atoi (val);
   else if (!strcmp (var, "mtu"))
     conf.mtu = atoi (val);
   else if (!strcmp (var, "nfmark"))
     conf.nfmark = atoi (val);
+  else if (!strcmp (var, "seed-device"))
+    free (conf.seed_dev), conf.seed_dev = strdup (val);
+  else if (!strcmp (var, "seed-interval"))
+    conf.reseed = atoi (val);
   else if (!strcmp (var, "if-up"))
     free (conf.script_if_up), conf.script_if_up = strdup (val);
   else if (!strcmp (var, "node-up"))
     free (conf.script_node_up), conf.script_node_up = strdup (val);
   else if (!strcmp (var, "node-change"))
     }
   else if (!strcmp (var, "inherit-tos"))
     parse_bool (node->inherit_tos, "inherit-tos", true, false);
   else if (!strcmp (var, "compress"))
     parse_bool (node->compress, "compress", true, false);
+  else if (!strcmp (var, "low-power"))
+    parse_bool (node->low_power, "low-power", true, false);
   // all these bool options really really cost a lot of executable size!
   else if (!strcmp (var, "enable-tcp"))
     {
 #if ENABLE_TCP
       u8 v; parse_bool (v, "enable-tcp" , PROT_TCPv4, 0); node->protocols = (node->protocols & ~PROT_TCPv4) | v;
       connectmode = C_ALWAYS;
     }
 }
 void
-configuration_parser::parse_argv ()
-{
-  for (int i = 0; i < argc; ++i)
-    {
-      char *v = argv [i];
-      if (!*v)
-        continue;
-      char *enode = v;
-      while (*enode != '.' && *enode > ' ' && *enode != '=' && *enode)
-        enode++;
-      if (*enode != '.')
-        enode = 0;
-      char *wnode = node == &conf.default_node
-                    ? 0
-                    : node->nodename;
-      if ((!wnode && !enode)
-          || (wnode && enode && !strncmp (wnode, v, enode - v)))
-        {
-          const char *warn = parse_line (enode ? enode + 1 : v);
-          if (warn)
-            slog (L_WARN, _("%s, while parsing command line option '%s'."), warn, v);
-          *v = 0;
-        }
-    }
-}
-void
 configuration_parser::parse_file (const char *fname)
 {
   if (FILE *f = fopen (fname, "r"))
     {
       char line [2048];
           if (warn)
             slog (L_WARN, _("%s, at '%s', line %d."), warn, fname, lineno);
         }
       fclose (f);
-      parse_argv ();
     }
   else
     {
       slog (L_ERR, _("unable to read config file '%s': %s"), fname, strerror (errno));
       exit (EXIT_FAILURE);
 configuration_parser::configuration_parser (configuration &conf,
                                             bool need_keys,
                                             int argc,
                                             char **argv)
-: conf (conf),need_keys (need_keys), argc (argc), argv (argv)
+: conf (conf), need_keys (need_keys), argc (argc), argv (argv)
 {
   char *fname;
   conf.clear ();
   node = &conf.default_node;
       fclose (f);
     }
   else
     {
-      slog (need_keys ? L_ERR : L_NOTICE, _("unable to open private rsa key file '%s': %s"), fname, strerror (errno));
       if (need_keys)
+        {
+          slog (need_keys ? L_ERR : L_NOTICE, _("unable to open private rsa key file '%s': %s"), fname, strerror (errno));
-        exit (EXIT_FAILURE);
+          exit (EXIT_FAILURE);
+        }
     }
   free (fname);
-  if (need_keys && ::thisnode
+  fname = conf.config_filename (conf.pidfilename);
-      && conf.rsa_key && conf.thisnode && conf.thisnode->rsa_key)
+  free (conf.pidfilename); conf.pidfilename = fname;
-    if (BN_cmp (conf.rsa_key->n, conf.thisnode->rsa_key->n) != 0
-        || BN_cmp (conf.rsa_key->e, conf.thisnode->rsa_key->e) != 0)
-      {
-        slog (L_NOTICE, _("private hostkey and public node key mismatch: is '%s' the correct node?"), ::thisnode);
-        exit (EXIT_FAILURE);
-      }
   for (configuration::node_vector::iterator i = conf.nodes.begin(); i != conf.nodes.end(); ++i)
+    {
+      conf_node *node = *i;
+      char *fname;
+      FILE *f;
+      asprintf (&fname, "%s/pubkey/%s", confbase, node->nodename);
+      f = fopen (fname, "r");
+      if (f)
+        {
+          node->rsa_key = RSA_new ();
+          if (!PEM_read_RSAPublicKey (f, &node->rsa_key, NULL, NULL))
+            {
+              ERR_load_RSA_strings (); ERR_load_PEM_strings ();
+              slog (L_ERR, _("unable to open public rsa key file '%s': %s"), fname, ERR_error_string (ERR_get_error (), 0));
+              exit (EXIT_FAILURE);
+            }
+          require (RSA_blinding_on (node->rsa_key, 0));
+          fclose (f);
+        }
+      else
+        {
+          slog (need_keys ? L_ERR : L_NOTICE, _("unable to read public rsa key file '%s': %s"), fname, strerror (errno));
+          if (need_keys)
+            exit (EXIT_FAILURE);
+        }
+      free (fname);
-    (*i)->finalise ();
+      (*i)->finalise ();
+    }
+  if (::thisnode)
+    {
+      conf.thisnode = conf.find_node (::thisnode);
+      if (need_keys)
+        {
+          if (!conf.thisnode)
+            {
+              slog (L_NOTICE, _("local node ('%s') not found in config file, aborting."), ::thisnode);
+              exit (EXIT_FAILURE);
+            }
+          if (conf.rsa_key && conf.thisnode->rsa_key)
+            {
+              const BIGNUM *conf_n, *conf_e, *thisnode_n, *thisnode_e;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !LIBRESSL_VERSION_NUMBER
+              RSA_get0_key (conf.rsa_key, &conf_n, &conf_e, 0);
+              RSA_get0_key (conf.thisnode->rsa_key, &thisnode_n, &thisnode_e, 0);
+#else
+              conf_n = conf.thisnode->rsa_key->n;
+              conf_e = conf.thisnode->rsa_key->e;
+              thisnode_n = conf.rsa_key->n;
+              thisnode_e = conf.rsa_key->e;
+#endif
+              if (BN_cmp (conf_n, thisnode_n) != 0 || BN_cmp (conf_e, thisnode_e) != 0)
+                {
+                  slog (L_NOTICE, _("private hostkey and public node key mismatch: is '%s' the correct node?"), ::thisnode);
+                  exit (EXIT_FAILURE);
+                }
+            }
+        }
+    }
+  parse_argv ();
+}
+void
+configuration_parser::parse_argv ()
+{
+  for (int i = 0; i < argc; ++i)
+    {
+      char *v = argv [i];
+      if (!*v)
+        continue;
+      char *enode = v;
+      while (*enode != '.' && *enode > ' ' && *enode != '=' && *enode)
+        enode++;
+      if (*enode != '.')
+        enode = 0;
+      if (enode)
+        {
+          char *val = strdup (v);
+          val [enode - v] = 0;
+          node = conf.find_node (val);
+          free (val);
+          if (!node)
+            {
+              slog (L_WARN, _("command line option '%s' refers to unknown node, ignoring."), v);
+              continue;
+            }
+        }
+      else
+        node = &conf.default_node;
+      const char *warn = parse_line (enode ? enode + 1 : v);
+      if (warn)
+        slog (L_WARN, _("%s, while parsing command line option '%s'."), warn, v);
+    }
 }
 char *
 configuration::config_filename (const char *name, const char *dflt)
 {
   char *fname;
-  asprintf (&fname, name ? name : dflt, ::thisnode);
+  asprintf (&fname, name ? name : dflt, ::thisnode ? ::thisnode : "<unset>");
   if (!ABSOLUTE_PATH (fname))
     {
       char *rname = fname;
       asprintf (&fname, "%s/%s", confbase, rname);

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing gvpe/src/conf.C (file contents): Revision 1.59 by root, Tue Dec 4 10:29:43 2012 UTC vs. Revision 1.67 by root, Thu Oct 25 04:32:27 2018 UTC

Diff Legend

Comparing gvpe/src/conf.C (file contents):
Revision 1.59 by root, Tue Dec 4 10:29:43 2012 UTC vs.
Revision 1.67 by root, Thu Oct 25 04:32:27 2018 UTC