1 | /* |
1 | /* |
2 | vpn.C -- handle the protocol, encryption, handshaking etc. |
2 | vpn.C -- handle the protocol, encryption, handshaking etc. |
3 | Copyright (C) 2003-2007 Marc Lehmann <gvpe@schmorp.de> |
3 | Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de> |
4 | |
4 | |
5 | This file is part of GVPE. |
5 | This file is part of GVPE. |
6 | |
6 | |
7 | GVPE is free software; you can redistribute it and/or modify |
7 | GVPE is free software; you can redistribute it and/or modify it |
8 | it under the terms of the GNU General Public License as published by |
8 | under the terms of the GNU General Public License as published by the |
9 | the Free Software Foundation; either version 2 of the License, or |
9 | Free Software Foundation; either version 3 of the License, or (at your |
10 | (at your option) any later version. |
10 | option) any later version. |
11 | |
11 | |
12 | This program is distributed in the hope that it will be useful, |
12 | This program is distributed in the hope that it will be useful, but |
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General |
15 | GNU General Public License for more details. |
15 | Public License for more details. |
16 | |
16 | |
17 | You should have received a copy of the GNU General Public License |
17 | You should have received a copy of the GNU General Public License along |
18 | along with gvpe; if not, write to the Free Software |
18 | with this program; if not, see <http://www.gnu.org/licenses/>. |
19 | Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
19 | |
|
|
20 | Additional permission under GNU GPL version 3 section 7 |
|
|
21 | |
|
|
22 | If you modify this Program, or any covered work, by linking or |
|
|
23 | combining it with the OpenSSL project's OpenSSL library (or a modified |
|
|
24 | version of that library), containing parts covered by the terms of the |
|
|
25 | OpenSSL or SSLeay licenses, the licensors of this Program grant you |
|
|
26 | additional permission to convey the resulting work. Corresponding |
|
|
27 | Source for a non-source form of such a combination shall include the |
|
|
28 | source code for the parts of OpenSSL used as well as that of the |
|
|
29 | covered work. |
20 | */ |
30 | */ |
21 | |
31 | |
22 | #include "config.h" |
32 | #include "config.h" |
23 | |
33 | |
24 | #include <list> |
34 | #include <list> |
… | |
… | |
87 | snprintf (ext, 16, "_%d", (*c)->conf->id); |
97 | snprintf (ext, 16, "_%d", (*c)->conf->id); |
88 | (*c)->script_init_env (ext); |
98 | (*c)->script_init_env (ext); |
89 | } |
99 | } |
90 | } |
100 | } |
91 | |
101 | |
|
|
102 | inline const char * |
92 | const char *vpn::script_if_init () |
103 | vpn::script_if_init () |
93 | { |
104 | { |
94 | script_init_env (); |
105 | script_init_env (); |
95 | |
106 | |
96 | return tap->if_up (); |
107 | return tap->if_up (); |
97 | } |
108 | } |
98 | |
109 | |
|
|
110 | inline const char * |
99 | const char *vpn::script_if_up () |
111 | vpn::script_if_up () |
100 | { |
112 | { |
101 | script_init_env (); |
113 | script_init_env (); |
102 | |
114 | |
103 | char *filename; |
115 | char *filename; |
104 | asprintf (&filename, |
116 | asprintf (&filename, |
… | |
… | |
329 | exit (EXIT_FAILURE); |
341 | exit (EXIT_FAILURE); |
330 | } |
342 | } |
331 | |
343 | |
332 | fcntl (tap->fd, F_SETFD, FD_CLOEXEC); |
344 | fcntl (tap->fd, F_SETFD, FD_CLOEXEC); |
333 | |
345 | |
|
|
346 | run_script_cb cb; |
|
|
347 | cb.set<vpn, &vpn::script_if_init> (this); |
|
|
348 | |
334 | if (tap->if_up () && |
349 | if (tap->if_up () && |
335 | !run_script (run_script_cb (this, &vpn::script_if_init), true)) |
350 | !run_script (cb, true)) |
336 | { |
351 | { |
337 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
352 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
338 | tap->if_up ()); |
353 | tap->if_up ()); |
339 | exit (EXIT_FAILURE); |
354 | exit (EXIT_FAILURE); |
340 | } |
355 | } |
341 | |
356 | |
342 | if (!run_script (run_script_cb (this, &vpn::script_if_up), true)) |
357 | cb.set<vpn, &vpn::script_if_up> (this); |
|
|
358 | if (!run_script (cb, true)) |
343 | { |
359 | { |
344 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
360 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
345 | exit (EXIT_FAILURE); |
361 | exit (EXIT_FAILURE); |
346 | } |
362 | } |
347 | |
363 | |
… | |
… | |
423 | { |
439 | { |
424 | // broadcast, this is ugly, but due to the security policy |
440 | // broadcast, this is ugly, but due to the security policy |
425 | // we have to connect to all hosts... |
441 | // we have to connect to all hosts... |
426 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
442 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
427 | if ((*c)->conf != THISNODE) |
443 | if ((*c)->conf != THISNODE) |
428 | (*c)->inject_data_packet (pkt, true); |
444 | (*c)->inject_data_packet (pkt); |
429 | } |
445 | } |
430 | } |
446 | } |
431 | |
447 | |
432 | void |
448 | void |
433 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
449 | vpn::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
… | |
… | |
497 | } |
513 | } |
498 | |
514 | |
499 | return false; |
515 | return false; |
500 | } |
516 | } |
501 | |
517 | |
502 | void |
518 | inline void |
503 | vpn::ipv4_ev (ev::io &w, int revents) |
519 | vpn::ipv4_ev (ev::io &w, int revents) |
504 | { |
520 | { |
505 | if (revents & EV_READ) |
521 | if (revents & EV_READ) |
506 | { |
522 | { |
507 | vpn_packet *pkt = new vpn_packet; |
523 | vpn_packet *pkt = new vpn_packet; |
… | |
… | |
538 | exit (EXIT_FAILURE); |
554 | exit (EXIT_FAILURE); |
539 | } |
555 | } |
540 | } |
556 | } |
541 | |
557 | |
542 | #if ENABLE_ICMP |
558 | #if ENABLE_ICMP |
543 | void |
559 | inline void |
544 | vpn::icmpv4_ev (ev::io &w, int revents) |
560 | vpn::icmpv4_ev (ev::io &w, int revents) |
545 | { |
561 | { |
546 | if (revents & EV_READ) |
562 | if (revents & EV_READ) |
547 | { |
563 | { |
548 | vpn_packet *pkt = new vpn_packet; |
564 | vpn_packet *pkt = new vpn_packet; |
… | |
… | |
586 | exit (EXIT_FAILURE); |
602 | exit (EXIT_FAILURE); |
587 | } |
603 | } |
588 | } |
604 | } |
589 | #endif |
605 | #endif |
590 | |
606 | |
591 | void |
607 | inline void |
592 | vpn::udpv4_ev (ev::io &w, int revents) |
608 | vpn::udpv4_ev (ev::io &w, int revents) |
593 | { |
609 | { |
594 | if (revents & EV_READ) |
610 | if (revents & EV_READ) |
595 | { |
611 | { |
596 | vpn_packet *pkt = new vpn_packet; |
612 | vpn_packet *pkt = new vpn_packet; |
… | |
… | |
623 | revents); |
639 | revents); |
624 | exit (EXIT_FAILURE); |
640 | exit (EXIT_FAILURE); |
625 | } |
641 | } |
626 | } |
642 | } |
627 | |
643 | |
628 | void |
644 | inline void |
629 | vpn::tap_ev (ev::io &w, int revents) |
645 | vpn::tap_ev (ev::io &w, int revents) |
630 | { |
646 | { |
631 | if (revents & EV_READ) |
647 | if (revents & EV_READ) |
632 | { |
648 | { |
633 | /* process data */ |
649 | /* process data */ |
… | |
… | |
665 | } |
681 | } |
666 | else |
682 | else |
667 | abort (); |
683 | abort (); |
668 | } |
684 | } |
669 | |
685 | |
670 | void |
686 | inline void |
671 | vpn::event_cb (ev::timer &w, int) |
687 | vpn::event_cb (ev::timer &w, int) |
672 | { |
688 | { |
673 | if (events) |
689 | if (events) |
674 | { |
690 | { |
675 | if (events & EVENT_SHUTDOWN) |
691 | if (events & EVENT_SHUTDOWN) |
… | |
… | |
776 | |
792 | |
777 | slog (L_NOTICE, _("END status dump")); |
793 | slog (L_NOTICE, _("END status dump")); |
778 | } |
794 | } |
779 | |
795 | |
780 | vpn::vpn (void) |
796 | vpn::vpn (void) |
|
|
797 | { |
781 | : event (this, &vpn::event_cb) |
798 | event .set<vpn, &vpn::event_cb > (this); |
782 | , udpv4_ev_watcher (this, &vpn::udpv4_ev) |
799 | udpv4_ev_watcher .set<vpn, &vpn::udpv4_ev > (this); |
783 | , ipv4_ev_watcher (this, &vpn::ipv4_ev) |
800 | ipv4_ev_watcher .set<vpn, &vpn::ipv4_ev > (this); |
784 | #if ENABLE_TCP |
801 | #if ENABLE_TCP |
785 | , tcpv4_ev_watcher (this, &vpn::tcpv4_ev) |
802 | tcpv4_ev_watcher .set<vpn, &vpn::tcpv4_ev > (this); |
786 | #endif |
803 | #endif |
787 | #if ENABLE_ICMP |
804 | #if ENABLE_ICMP |
788 | , icmpv4_ev_watcher(this, &vpn::icmpv4_ev) |
805 | icmpv4_ev_watcher.set<vpn, &vpn::icmpv4_ev> (this); |
789 | #endif |
806 | #endif |
790 | #if ENABLE_DNS |
807 | #if ENABLE_DNS |
791 | , dnsv4_ev_watcher (this, &vpn::dnsv4_ev) |
808 | dnsv4_ev_watcher .set<vpn, &vpn::dnsv4_ev > (this); |
792 | #endif |
809 | #endif |
793 | , tap_ev_watcher (this, &vpn::tap_ev) |
810 | tap_ev_watcher .set<vpn, &vpn::tap_ev > (this); |
794 | { |
|
|
795 | } |
811 | } |
796 | |
812 | |
797 | vpn::~vpn () |
813 | vpn::~vpn () |
798 | { |
814 | { |
799 | } |
815 | } |