--- gvpe/src/vpn.C 2003/10/14 03:22:09 1.14 +++ gvpe/src/vpn.C 2003/10/16 14:12:00 1.20 @@ -1,5 +1,6 @@ /* vpn.C -- handle the protocol, encryption, handshaking etc. + Copyright (C) 2003 Marc Lehmann This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -26,28 +27,14 @@ #include #include -#include #include #include #include #include #include #include -#include -#include -#include -#ifdef HAVE_NETINET_IN_SYSTM_H -# include -#endif -#ifdef HAVE_NETINET_IP_H -# include -#endif -#ifdef HAVE_NETINET_TCP_H -# include -#endif -#if ENABLE_ICMP -# include -#endif + +#include "netcompat.h" #include "pidfile.h" @@ -55,9 +42,7 @@ #include "util.h" #include "vpn.h" -#if !defined(SOL_IP) && defined(IPPROTO_IP) -# define SOL_IP IPPROTO_IP -#endif +vpn network; // THE vpn (bad design...) ///////////////////////////////////////////////////////////////////////////// @@ -322,23 +307,6 @@ } #if ENABLE_ICMP -struct icmp_header { - u8 type; - u8 code; - u16 checksum; - union { - struct { - u16 id; - u16 sequence; - } echo; - u32 gateway; - struct { - u16 unused; - u16 mtu; - } frag; - } un; -}; - bool vpn::send_icmpv4_packet (vpn_packet *pkt, const sockinfo &si, int tos) { @@ -372,6 +340,25 @@ } void +vpn::inject_data_packet (tap_packet *pkt, int dst) +{ + if (dst) + { + // unicast + if (dst != THISNODE->id) + conns[dst - 1]->inject_data_packet (pkt); + } + else + { + // broadcast, this is ugly, but due to the security policy + // we have to connect to all hosts... + for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) + if ((*c)->conf != THISNODE) + (*c)->inject_data_packet (pkt, true); + } +} + +void vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) { unsigned int src = pkt->src (); 
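Review bot: In the added `vpn::inject_data_packet` (the `@@ -372,6 +340,25 @@` hunk), the unicast branch indexes `conns[dst - 1]` with no range check of its own. The only bound visible in this patch is `dst > conns.size ()` in the tap-receive caller, and `dst` is derived from a MAC address in a received frame. The check belongs next to the index so that any later caller is covered too, for example `if (dst < 0 || dst > (int)conns.size ()) return;` at the top of the function. The caller's comparison also mixes `int` with what is presumably the unsigned result of `size ()`, so a negative id is rejected only through implicit conversion. A one-line comment stating that `dst` is a 1-based node id and that 0 means broadcast would document the contract.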
@@ -395,7 +382,7 @@ if (dst == 0) slog (L_WARN, _("%s(%s): received broadcast (protocol violation)"), c->conf->nodename, (const char *)rsi); - else if (dst != 0 && dst != THISNODE->id) + else if (dst != THISNODE->id) { if (THISNODE->routerprio) // the tos setting gets lost here. who cares. @@ -566,39 +553,30 @@ pkt = tap->recv (); - int dst = mac2id (pkt->dst); - int src = mac2id (pkt->src); + if (!pkt) + return; - if (src != THISNODE->id) + if (pkt->len > 14) { - slog (L_ERR, _("FATAL: tap packet not originating on current node received, exiting.")); - exit (1); - } - - if (dst == THISNODE->id) - { - slog (L_ERR, _("FATAL: tap packet destined for current node received, exiting.")); - exit (1); - } + int dst = mac2id (pkt->dst); + int src = mac2id (pkt->src); - if (dst > conns.size ()) - slog (L_ERR, _("tap packet for unknown node %d received, ignoring."), dst); - else - { - if (dst) + if (src != THISNODE->id) { - // unicast - if (dst != THISNODE->id) - conns[dst - 1]->inject_data_packet (pkt); + slog (L_ERR, _("FATAL: tap packet not originating on current node received, exiting.")); + exit (1); } - else + + if (dst == THISNODE->id) { - // broadcast, this is ugly, but due to the security policy - // we have to connect to all hosts... - for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) - if ((*c)->conf != THISNODE) - (*c)->inject_data_packet (pkt); + slog (L_ERR, _("FATAL: tap packet destined for current node received, exiting.")); + exit (1); } + + if (dst > conns.size ()) + slog (L_ERR, _("tap packet for unknown node %d received, ignoring."), dst); + else + inject_data_packet (pkt, dst); } delete pkt;
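Review bot: The re-indented block in the `@@ -566,39 +553,30 @@` hunk still calls `exit (1)` when the frame's source MAC does not map to `THISNODE->id` or its destination MAC maps to this node, so the contents of a single frame read from the tap device can terminate the whole daemon. If anything other than the local network stack can place frames on that interface (not determinable from this hunk), that is an availability risk. Logging and dropping the frame, as the unknown-node branch already does, would be safer: replace each `exit (1);` with `delete pkt; return;`. Separately, frames with `pkt->len <= 14` are now discarded silently and the `14` is unexplained; a named constant for the Ethernet header length and a log line on the drop path would make the intent clear. The enclosing function starts and ends outside the hunk.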