[ViewVC] Diff of: cvs/gvpe/src/conf.C

Comparing gvpe/src/conf.C (file contents):
Revision 1.18 by pcg, Thu Oct 16 02:41:21 2003 UTC vs.
Revision 1.26 by pcg, Wed May 12 13:32:13 2004 UTC

 /*
     conf.c -- configuration code
-    Copyright (C) 2003 Marc Lehmann <pcg@goof.com>
+    Copyright (C) 2003-2004 Marc Lehmann <pcg@goof.com>
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
     the Free Software Foundation; either version 2 of the License, or
     (at your option) any later version.
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/rand.h>
+#include <openssl/bn.h>
 #include "gettext.h"
 #include "conf.h"
 #include "slog.h"
 #include "util.h"
 char *confbase;
 char *thisnode;
 char *identname;
-char *pidfilename;
 struct configuration conf;
 u8 best_protocol (u8 protset)
 {
   if (protset & PROT_IPv4  ) return PROT_IPv4;
   if (protset & PROT_ICMPv4) return PROT_ICMPv4;
   if (protset & PROT_UDPv4 ) return PROT_UDPv4;
   if (protset & PROT_TCPv4 ) return PROT_TCPv4;
+  if (protset & PROT_DNSv4 ) return PROT_DNSv4;
   return 0;
 }
 const char *strprotocol (u8 protocol)
 {
   if (protocol & PROT_IPv4  ) return "rawip";
   if (protocol & PROT_ICMPv4) return "icmp";
   if (protocol & PROT_UDPv4 ) return "udp";
   if (protocol & PROT_TCPv4 ) return "tcp";
+  if (protocol & PROT_DNSv4 ) return "dns";
   return "<unknown>";
 }
 void
 void configuration::init ()
 {
   memset (this, 0, sizeof (*this));
+  mtu       = DEFAULT_MTU;
   rekey     = DEFAULT_REKEY;
   keepalive = DEFAULT_KEEPALIVE;
   llevel    = L_INFO;
   ip_proto  = IPPROTO_GRE;
 #if ENABLE_ICMP
   icmp_type = ICMP_ECHOREPLY;
 #endif
   default_node.udp_port    = DEFAULT_UDPPORT;
-  default_node.tcp_port    = DEFAULT_UDPPORT;
+  default_node.tcp_port    = DEFAULT_UDPPORT; // ehrm
   default_node.connectmode = conf_node::C_ALWAYS;
   default_node.compress    = true;
   default_node.protocols   = PROT_UDPv4;
+  conf.pidfilename = strdup (LOCALSTATEDIR "/run/vped.pid");
 }
 void configuration::cleanup()
 {
   if (rsa_key)
     RSA_free (rsa_key);
   rsa_key = 0;
+  free (pidfilename); pidfilename = 0;
-  free (ifname);     ifname     = 0;
+  free (ifname);      ifname      = 0;
 #if ENABLE_HTTP_PROXY
-  free (proxy_host); proxy_host = 0;
+  free (proxy_host);  proxy_host  = 0;
-  free (proxy_auth); proxy_auth = 0;
+  free (proxy_auth);  proxy_auth  = 0;
 #endif
 }
 void
 configuration::clear_config ()
               else
                 slog (L_WARN, "'%s': %s, at '%s' line %d", val, UNKNOWN_LOGLEVEL, fname, line);
             }
           else if (!strcmp (var, "ip-proto"))
             ip_proto = atoi (val);
+          else if (!strcmp (var, "icmp-type"))
+            {
 #if ENABLE_ICMP
-          //TODO: error message
-          else if (!strcmp (var, "icmp-type"))
-            icmp_type = atoi (val);
+              icmp_type = atoi (val);
 #endif
+            }
           // per config
           else if (!strcmp (var, "node"))
             {
               default_node.id++;
                     if (!PEM_read_RSAPublicKey(f, &node->rsa_key, NULL, NULL))
                       {
                         ERR_load_RSA_strings (); ERR_load_PEM_strings ();
                         slog (L_ERR, _("unable to open public rsa key file '%s': %s"), fname, ERR_error_string (ERR_get_error (), 0));
-                        exit (1);
+                        exit (EXIT_FAILURE);
                       }
-                    RSA_blinding_on (node->rsa_key, 0);
+                    require (RSA_blinding_on (node->rsa_key, 0));
                     fclose (f);
                   }
                 else
                   {
                     slog (need_keys ? L_ERR : L_NOTICE, _("unable to read public rsa key file '%s': %s"), fname, strerror (errno));
                     if (need_keys)
-                      exit (1);
+                      exit (EXIT_FAILURE);
                   }
                 free (fname);
               }
-              if (!::thisnode || !strcmp (node->nodename, ::thisnode))
+              if (::thisnode && !strcmp (node->nodename, ::thisnode))
                 thisnode = node;
             }
           else if (!strcmp (var, "private-key"))
-            prikeyfile = strdup (val);
+            free (prikeyfile), prikeyfile = strdup (val);
           else if (!strcmp (var, "ifpersist"))
             {
               parse_bool (ifpersist, "ifpersist", true, false);
             }
           else if (!strcmp (var, "ifname"))
-            ifname = strdup (val);
+            free (ifname), ifname = strdup (val);
           else if (!strcmp (var, "rekey"))
             rekey = atoi (val);
           else if (!strcmp (var, "keepalive"))
             keepalive = atoi (val);
           else if (!strcmp (var, "mtu"))
             mtu = atoi (val);
           else if (!strcmp (var, "if-up"))
-            script_if_up = strdup (val);
+            free (script_if_up), script_if_up = strdup (val);
           else if (!strcmp (var, "node-up"))
-            script_node_up = strdup (val);
+            free (script_node_up), script_node_up = strdup (val);
           else if (!strcmp (var, "node-down"))
-            script_node_down = strdup (val);
+            free (script_node_down), script_node_down = strdup (val);
+          else if (!strcmp (var, "pid-file"))
+            free (pidfilename), pidfilename = strdup (val);
+          else if (!strcmp (var, "http-proxy-host"))
+            {
 #if ENABLE_HTTP_PROXY
-          else if (!strcmp (var, "http-proxy-host"))
-            proxy_host = strdup (val);
+              free (proxy_host), proxy_host = strdup (val);
+#endif
+            }
           else if (!strcmp (var, "http-proxy-port"))
+            {
+#if ENABLE_HTTP_PROXY
-            proxy_port = atoi (val);
+              proxy_port = atoi (val);
+#endif
+            }
           else if (!strcmp (var, "http-proxy-auth"))
+            {
+#if ENABLE_HTTP_PROXY
-            proxy_auth = (char *)base64_encode ((const u8 *)val, strlen (val));
+              proxy_auth = (char *)base64_encode ((const u8 *)val, strlen (val));
 #endif
+            }
           /* node-specific, non-defaultable */
           else if (node != &default_node && !strcmp (var, "hostname"))
-            {
-              free (node->hostname);
-              node->hostname = strdup (val);
+            free (node->hostname), node->hostname = strdup (val);
-            }
           /* node-specific, defaultable */
           else if (!strcmp (var, "udp-port"))
             node->udp_port = atoi (val);
           else if (!strcmp (var, "tcp-port"))
             node->tcp_port = atoi (val);
+          else if (!strcmp (var, "dns-port"))
+            node->dns_port = atoi (val);
           else if (!strcmp (var, "router-priority"))
             node->routerprio = atoi (val);
           else if (!strcmp (var, "connect"))
             {
               if (!strcmp (val, "ondemand"))
             {
 #if ENABLE_ICMP
               u8 v; parse_bool (v, "enable-icmp" , PROT_ICMPv4, 0); node->protocols = (node->protocols & ~PROT_ICMPv4) | v;
 #endif
             }
+          else if (!strcmp (var, "enable-dns"))
+            {
+#if ENABLE_DNS
+              u8 v; parse_bool (v, "enable-dns" , PROT_DNSv4, 0); node->protocols = (node->protocols & ~PROT_DNSv4) | v;
+#endif
+            }
           else if (!strcmp (var, "enable-udp"))
             {
               u8 v; parse_bool (v, "enable-udp" , PROT_UDPv4, 0); node->protocols = (node->protocols & ~PROT_UDPv4) | v;
             }
           else if (!strcmp (var, "enable-rawip"))
-            {
+            {;
               u8 v; parse_bool (v, "enable-rawip", PROT_IPv4, 0); node->protocols = (node->protocols & ~PROT_IPv4 ) | v;
             }
           // unknown or misplaced
           else
       fclose (f);
     }
   else
     {
       slog (L_ERR, _("unable to read config file '%s': %s"), fname, strerror (errno));
-      exit (1);
+      exit (EXIT_FAILURE);
     }
   free (fname);
   fname = config_filename (prikeyfile, "hostkey");
       if (!PEM_read_RSAPrivateKey (f, &rsa_key, NULL, NULL))
         {
           ERR_load_RSA_strings (); ERR_load_PEM_strings ();
           slog (L_ERR, _("unable to read private rsa key file '%s': %s"), fname, ERR_error_string (ERR_get_error (), 0));
-          exit (1);
+          exit (EXIT_FAILURE);
         }
-      RSA_blinding_on (rsa_key, 0);
+      require (RSA_blinding_on (rsa_key, 0));
       fclose (f);
     }
   else
     {
       slog (need_keys ? L_ERR : L_NOTICE, _("unable to open private rsa key file '%s': %s"), fname, strerror (errno));
       if (need_keys)
-        exit (1);
+        exit (EXIT_FAILURE);
     }
+  if (need_keys && ::thisnode
+      && rsa_key && thisnode && thisnode->rsa_key)
+    if (BN_cmp (rsa_key->n, thisnode->rsa_key->n) != 0
+        || BN_cmp (rsa_key->e, thisnode->rsa_key->e) != 0)
+      {
+        slog (L_NOTICE, _("private hostkey and public node key mismatch: is '%s' the correct node?"), ::thisnode);
+        exit (EXIT_FAILURE);
+      }
   free (fname);
 }
 char *configuration::config_filename (const char *name, const char *dflt)
   printf ("\n");
 }
 configuration::configuration ()
 {
+  asprintf (&confbase, "%s/vpe", CONFDIR);
   init ();
 }
 configuration::~configuration ()
 {

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing gvpe/src/conf.C (file contents): Revision 1.18 by pcg, Thu Oct 16 02:41:21 2003 UTC vs. Revision 1.26 by pcg, Wed May 12 13:32:13 2004 UTC

Diff Legend

Comparing gvpe/src/conf.C (file contents):
Revision 1.18 by pcg, Thu Oct 16 02:41:21 2003 UTC vs.
Revision 1.26 by pcg, Wed May 12 13:32:13 2004 UTC