--- gvpe/src/connection.C 2005/03/26 03:16:24 1.53 +++ gvpe/src/connection.C 2005/07/07 14:41:51 1.57 @@ -16,13 +16,11 @@ You should have received a copy of the GNU General Public License along with gvpe; if not, write to the Free Software - Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ #include "config.h" -#include - #include #include @@ -850,7 +848,7 @@ send_data_packet (pkt); else { - if (!broadcast)//DDDD + if (!broadcast) data_queue.put (new tap_packet (*pkt)); establish_connection (); @@ -1065,7 +1063,7 @@ if (si != rsi) { - // fast re-sync on connection changes, useful especially for tcp/ip + // fast re-sync on source address changes, useful especially for tcp/ip si = rsi; slog (L_INFO, _("%s(%s): socket address changed to %s"), @@ -1086,22 +1084,28 @@ { connect_req_packet *p = (connect_req_packet *) pkt; - assert (p->id > 0 && p->id <= vpn->conns.size ()); // hmac-auth does not mean we accept anything - connection *c = vpn->conns[p->id - 1]; - conf->protocols = p->protocols; + if (p->id > 0 && p->id <= vpn->conns.size ()) + { + connection *c = vpn->conns[p->id - 1]; + conf->protocols = p->protocols; - slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n", - conf->id, p->id, c->ictx && c->octx); + slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n", + conf->id, p->id, c->ictx && c->octx); - if (c->ictx && c->octx) - { - // send connect_info packets to both sides, in case one is - // behind a nat firewall (or both ;) - c->send_connect_info (conf->id, si, conf->protocols); - send_connect_info (c->conf->id, c->si, c->conf->protocols); + if (c->ictx && c->octx) + { + // send connect_info packets to both sides, in case one is + // behind a nat firewall (or both ;) + c->send_connect_info (conf->id, si, conf->protocols); + send_connect_info (c->conf->id, c->si, c->conf->protocols); + } + else + c->establish_connection (); } else - c->establish_connection (); + slog (L_WARN, + _("received authenticated connection request from unknown node #%d, config file mismatch?"), + p->id); } break; @@ -1111,7 +1115,7 @@ { connect_info_packet *p = (connect_info_packet *)pkt; - if (p->id > 0 && p->id <= vpn->conns.size ()) // hmac-auth does not mean we accept anything + if (p->id > 0 && p->id <= vpn->conns.size ()) { connection *c = vpn->conns[p->id - 1]; @@ -1127,6 +1131,10 @@ if (dsi.valid ()) c->send_auth_request (dsi, true); } + else + slog (L_WARN, + _("received authenticated connection request from unknown node #%d, config file mismatch?"), + p->id); } break; @@ -1203,6 +1211,8 @@ "%s/%s", confbase, ::conf.script_node_up ? ::conf.script_node_up : "node-up"); + + return filename; } const char *connection::script_node_down () @@ -1216,6 +1226,8 @@ "%s/%s", confbase, ::conf.script_node_down ? ::conf.script_node_down : "node-down"); + + return filename; } connection::connection (struct vpn *vpn, conf_node *conf)