… | |
… | |
38 | #include <errno.h> |
38 | #include <errno.h> |
39 | #include <netdb.h> |
39 | #include <netdb.h> |
40 | #include <sys/stat.h> |
40 | #include <sys/stat.h> |
41 | #include <sys/types.h> |
41 | #include <sys/types.h> |
42 | #include <unistd.h> |
42 | #include <unistd.h> |
|
|
43 | #include <pwd.h> |
43 | |
44 | |
44 | #include "netcompat.h" |
45 | #include "netcompat.h" |
45 | |
46 | |
46 | #include <openssl/err.h> |
47 | #include <openssl/err.h> |
47 | #include <openssl/pem.h> |
48 | #include <openssl/pem.h> |
… | |
… | |
60 | struct configuration conf; |
61 | struct configuration conf; |
61 | |
62 | |
62 | u8 |
63 | u8 |
63 | best_protocol (u8 protset) |
64 | best_protocol (u8 protset) |
64 | { |
65 | { |
65 | #if 1//D2 |
|
|
66 | if (protset & PROT_IPv42 ) return PROT_IPv42; |
|
|
67 | #endif |
|
|
68 | if (protset & PROT_IPv4 ) return PROT_IPv4; |
66 | if (protset & PROT_IPv4 ) return PROT_IPv4; |
69 | if (protset & PROT_ICMPv4) return PROT_ICMPv4; |
67 | if (protset & PROT_ICMPv4) return PROT_ICMPv4; |
70 | if (protset & PROT_UDPv4 ) return PROT_UDPv4; |
68 | if (protset & PROT_UDPv4 ) return PROT_UDPv4; |
71 | if (protset & PROT_TCPv4 ) return PROT_TCPv4; |
69 | if (protset & PROT_TCPv4 ) return PROT_TCPv4; |
72 | if (protset & PROT_DNSv4 ) return PROT_DNSv4; |
70 | if (protset & PROT_DNSv4 ) return PROT_DNSv4; |
… | |
… | |
75 | } |
73 | } |
76 | |
74 | |
77 | const char * |
75 | const char * |
78 | strprotocol (u8 protocol) |
76 | strprotocol (u8 protocol) |
79 | { |
77 | { |
80 | #if 1//D2 |
|
|
81 | if (protocol & PROT_IPv42 ) return "rawip2"; |
|
|
82 | #endif |
|
|
83 | if (protocol & PROT_IPv4 ) return "rawip"; |
78 | if (protocol & PROT_IPv4 ) return "rawip"; |
84 | if (protocol & PROT_ICMPv4) return "icmp"; |
79 | if (protocol & PROT_ICMPv4) return "icmp"; |
85 | if (protocol & PROT_UDPv4 ) return "udp"; |
80 | if (protocol & PROT_UDPv4 ) return "udp"; |
86 | if (protocol & PROT_TCPv4 ) return "tcp"; |
81 | if (protocol & PROT_TCPv4 ) return "tcp"; |
87 | if (protocol & PROT_DNSv4 ) return "dns"; |
82 | if (protocol & PROT_DNSv4 ) return "dns"; |
… | |
… | |
140 | nfmark = 0; |
135 | nfmark = 0; |
141 | rekey = DEFAULT_REKEY; |
136 | rekey = DEFAULT_REKEY; |
142 | keepalive = DEFAULT_KEEPALIVE; |
137 | keepalive = DEFAULT_KEEPALIVE; |
143 | llevel = L_INFO; |
138 | llevel = L_INFO; |
144 | ip_proto = IPPROTO_GRE; |
139 | ip_proto = IPPROTO_GRE; |
145 | #if 1 //D2 |
|
|
146 | ip2_proto = 7; |
|
|
147 | #endif |
|
|
148 | #if ENABLE_ICMP |
140 | #if ENABLE_ICMP |
149 | icmp_type = ICMP_ECHOREPLY; |
141 | icmp_type = ICMP_ECHOREPLY; |
150 | #endif |
142 | #endif |
151 | |
143 | |
152 | default_node.udp_port = DEFAULT_UDPPORT; |
144 | default_node.udp_port = DEFAULT_UDPPORT; |
… | |
… | |
189 | free (proxy_auth); proxy_auth = 0; |
181 | free (proxy_auth); proxy_auth = 0; |
190 | #endif |
182 | #endif |
191 | #if ENABLE_DNS |
183 | #if ENABLE_DNS |
192 | free (dns_forw_host); dns_forw_host = 0; |
184 | free (dns_forw_host); dns_forw_host = 0; |
193 | #endif |
185 | #endif |
|
|
186 | free (change_root); change_root = 0; |
194 | free (script_if_up); script_if_up = 0; |
187 | free (script_if_up); script_if_up = 0; |
195 | free (script_node_up); script_node_up = 0; |
188 | free (script_node_up); script_node_up = 0; |
196 | free (script_node_change); script_node_change = 0; |
189 | free (script_node_change); script_node_change = 0; |
197 | free (script_node_down); script_node_down = 0; |
190 | free (script_node_down); script_node_down = 0; |
198 | } |
191 | } |
… | |
… | |
276 | if (l == L_NONE) |
269 | if (l == L_NONE) |
277 | return _("unknown loglevel, ignored"); |
270 | return _("unknown loglevel, ignored"); |
278 | } |
271 | } |
279 | else if (!strcmp (var, "ip-proto")) |
272 | else if (!strcmp (var, "ip-proto")) |
280 | conf.ip_proto = atoi (val); |
273 | conf.ip_proto = atoi (val); |
281 | #if 1 //D2 |
|
|
282 | else if (!strcmp (var, "ip2-proto")) |
|
|
283 | conf.ip2_proto = atoi (val); |
|
|
284 | #endif |
|
|
285 | else if (!strcmp (var, "icmp-type")) |
274 | else if (!strcmp (var, "icmp-type")) |
286 | { |
275 | { |
287 | #if ENABLE_ICMP |
276 | #if ENABLE_ICMP |
288 | conf.icmp_type = atoi (val); |
277 | conf.icmp_type = atoi (val); |
289 | #endif |
278 | #endif |
290 | } |
279 | } |
|
|
280 | else if (!strcmp (var, "chuser")) |
|
|
281 | { |
|
|
282 | struct passwd *pw = getpwnam (val); |
|
|
283 | if (!pw) |
|
|
284 | return _("user specified for chuser not found"); |
291 | |
285 | |
292 | // per config |
286 | conf.change_uid = pw->pw_uid; |
|
|
287 | conf.change_gid = pw->pw_gid; |
|
|
288 | } |
|
|
289 | else if (!strcmp (var, "chuid")) |
|
|
290 | conf.change_uid = atoi (val); |
|
|
291 | else if (!strcmp (var, "chgid")) |
|
|
292 | conf.change_gid = atoi (val); |
|
|
293 | else if (!strcmp (var, "chroot")) |
|
|
294 | free (conf.change_root), conf.change_root = strdup (val); |
|
|
295 | |
|
|
296 | // per node |
293 | else if (!strcmp (var, "node")) |
297 | else if (!strcmp (var, "node")) |
294 | { |
298 | { |
295 | parse_argv (); |
299 | parse_argv (); |
296 | |
300 | |
297 | conf.default_node.id++; |
301 | conf.default_node.id++; |
… | |
… | |
495 | } |
499 | } |
496 | else if (!strcmp (var, "enable-rawip")) |
500 | else if (!strcmp (var, "enable-rawip")) |
497 | { |
501 | { |
498 | u8 v; parse_bool (v, "enable-rawip", PROT_IPv4, 0); node->protocols = (node->protocols & ~PROT_IPv4 ) | v; |
502 | u8 v; parse_bool (v, "enable-rawip", PROT_IPv4, 0); node->protocols = (node->protocols & ~PROT_IPv4 ) | v; |
499 | } |
503 | } |
500 | #if 1//D2 |
|
|
501 | else if (!strcmp (var, "enable-rawip2")) |
|
|
502 | { |
|
|
503 | u8 v; parse_bool (v, "enable-rawip2", PROT_IPv42, 0); node->protocols = (node->protocols & ~PROT_IPv42 ) | v; |
|
|
504 | } |
|
|
505 | #endif |
|
|
506 | else if (!strcmp (var, "allow-direct")) |
504 | else if (!strcmp (var, "allow-direct")) |
507 | node->allow_direct.push_back (strdup (val)); |
505 | node->allow_direct.push_back (strdup (val)); |
508 | else if (!strcmp (var, "deny-direct")) |
506 | else if (!strcmp (var, "deny-direct")) |
509 | node->deny_direct.push_back (strdup (val)); |
507 | node->deny_direct.push_back (strdup (val)); |
510 | else if (!strcmp (var, "max-ttl")) |
508 | else if (!strcmp (var, "max-ttl")) |
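Review bot: In the `chuid` and `chgid` branches (gutter lines 289–292, which appear to be on the new side of this view), `conf.change_uid = atoi (val);` and `conf.change_gid = atoi (val);` turn an empty or non-numeric value into 0 without reporting anything, whereas the `chuser` branch just above returns an error string when the lookup fails. The code that consumes these fields is not visible here; if it treats 0 as root or as "leave unchanged", a typo in the config would silently leave the daemon running with its original privileges. Both keys should be parsed with `strtoul`, rejecting a value that does not start with a digit or has trailing characters, and should return a message the way `chuser` does. The `chroot` branch should also check the `strdup` result, since a null `change_root` presumably means no chroot is requested. The enclosing parser function starts and ends outside the visible hunks.

```cpp
    else if (!strcmp (var, "chuid"))
      {
        char *end;
        errno = 0;
        unsigned long id = strtoul (val, &end, 10);

        // reject "", "-1", "abc", "1000x" and out-of-range input instead of mapping them to 0
        if (*val < '0' || *val > '9' || *end || errno == ERANGE)
          return _("chuid requires a numeric user id");

        conf.change_uid = id;
      }
    // … chgid: same parse and check, assigning conf.change_gid …
```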