Home Explore Help
Register Sign In
OWEALs
/
tinc
mirror of https://tinc-vpn.org/git/tinc
2
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
tinc
/
src
/
protocol_subnet.c

protocol_subnet.c 6.5 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255 
  1. /*
    2. 

  2.     protocol_subnet.c -- handle the meta-protocol, subnets
    3. 

  3.     Copyright (C) 1999-2005 Ivo Timmermans,
    4. 

  4.                   2000-2009 Guus Sliepen <guus@tinc-vpn.org>
    5. 

  5.                   2009      Michael Tokarev <mjt@tls.msk.ru>
    6. 

  6. 

  7.     This program is free software; you can redistribute it and/or modify
    8. 

  8.     it under the terms of the GNU General Public License as published by
    9. 

  9.     the Free Software Foundation; either version 2 of the License, or
    10. 

  10.     (at your option) any later version.
    11. 

  11. 

  12.     This program is distributed in the hope that it will be useful,
    13. 

  13.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.     GNU General Public License for more details.
    16. 

  16. 

  17.     You should have received a copy of the GNU General Public License along
    18. 

  18.     with this program; if not, write to the Free Software Foundation, Inc.,
    19. 

  19.     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    20. 

  20. */
    21. 

  21. 

  22. #include "system.h"
    23. 

  23. 

  24. #include "conf.h"
    25. 

  25. #include "connection.h"
    26. 

  26. #include "logger.h"
    27. 

  27. #include "net.h"
    28. 

  28. #include "netutl.h"
    29. 

  29. #include "node.h"
    30. 

  30. #include "protocol.h"
    31. 

  31. #include "subnet.h"
    32. 

  32. #include "utils.h"
    33. 

  33. #include "xalloc.h"
    34. 

  34. 

  35. bool send_add_subnet(connection_t *c, const subnet_t *subnet) {
    36. 

  36. 	char netstr[MAXNETSTR];
    37. 

  37. 

  38. 	if(!net2str(netstr, sizeof(netstr), subnet)) {
    39. 

  39. 		return false;
    40. 

  40. 	}
    41. 

  41. 

  42. 	return send_request(c, "%d %x %s %s", ADD_SUBNET, rand(), subnet->owner->name, netstr);
    43. 

  43. }
    44. 

  44. 

  45. bool add_subnet_h(connection_t *c) {
    46. 

  46. 	char subnetstr[MAX_STRING_SIZE];
    47. 

  47. 	char name[MAX_STRING_SIZE];
    48. 

  48. 	node_t *owner;
    49. 

  49. 	subnet_t s = {0}, *new, *old;
    50. 

  50. 

  51. 	if(sscanf(c->buffer, "%*d %*x " MAX_STRING " " MAX_STRING, name, subnetstr) != 2) {
    52. 

  52. 		logger(LOG_ERR, "Got bad %s from %s (%s)", "ADD_SUBNET", c->name,
    53. 

  53. 		       c->hostname);
    54. 

  54. 		return false;
    55. 

  55. 	}
    56. 

  56. 

  57. 	/* Check if owner name is valid */
    58. 

  58. 

  59. 	if(!check_id(name)) {
    60. 

  60. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ADD_SUBNET", c->name,
    61. 

  61. 		       c->hostname, "invalid name");
    62. 

  62. 		return false;
    63. 

  63. 	}
    64. 

  64. 

  65. 	/* Check if subnet string is valid */
    66. 

  66. 

  67. 	if(!str2net(&s, subnetstr)) {
    68. 

  68. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "ADD_SUBNET", c->name,
    69. 

  69. 		       c->hostname, "invalid subnet string");
    70. 

  70. 		return false;
    71. 

  71. 	}
    72. 

  72. 

  73. 	if(seen_request(c->buffer)) {
    74. 

  74. 		return true;
    75. 

  75. 	}
    76. 

  76. 

  77. 	/* Check if the owner of the new subnet is in the connection list */
    78. 

  78. 

  79. 	owner = lookup_node(name);
    80. 

  80. 

  81. 	if(tunnelserver && owner != myself && owner != c->node) {
    82. 

  82. 		/* in case of tunnelserver, ignore indirect subnet registrations */
    83. 

  83. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Ignoring indirect %s from %s (%s) for %s",
    84. 

  84. 		                         "ADD_SUBNET", c->name, c->hostname, subnetstr);
    85. 

  85. 		return true;
    86. 

  86. 	}
    87. 

  87. 

  88. 	if(!owner) {
    89. 

  89. 		owner = new_node();
    90. 

  90. 		owner->name = xstrdup(name);
    91. 

  91. 		node_add(owner);
    92. 

  92. 	}
    93. 

  93. 

  94. 	/* Check if we already know this subnet */
    95. 

  95. 

  96. 	if(lookup_subnet(owner, &s)) {
    97. 

  97. 		return true;
    98. 

  98. 	}
    99. 

  99. 

  100. 	/* If we don't know this subnet, but we are the owner, retaliate with a DEL_SUBNET */
    101. 

  101. 

  102. 	if(owner == myself) {
    103. 

  103. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself",
    104. 

  104. 		                         "ADD_SUBNET", c->name, c->hostname);
    105. 

  105. 		s.owner = myself;
    106. 

  106. 		send_del_subnet(c, &s);
    107. 

  107. 		return true;
    108. 

  108. 	}
    109. 

  109. 

  110. 	/* In tunnel server mode, we should already know all allowed subnets */
    111. 

  111. 

  112. 	if(tunnelserver) {
    113. 

  113. 		logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
    114. 

  114. 		       "ADD_SUBNET", c->name, c->hostname, subnetstr);
    115. 

  115. 		return true;
    116. 

  116. 	}
    117. 

  117. 

  118. 	/* Ignore if strictsubnets is true, but forward it to others */
    119. 

  119. 

  120. 	if(strictsubnets) {
    121. 

  121. 		logger(LOG_WARNING, "Ignoring unauthorized %s from %s (%s): %s",
    122. 

  122. 		       "ADD_SUBNET", c->name, c->hostname, subnetstr);
    123. 

  123. 		forward_request(c);
    124. 

  124. 		return true;
    125. 

  125. 	}
    126. 

  126. 

  127. 	/* If everything is correct, add the subnet to the list of the owner */
    128. 

  128. 

  129. 	*(new = new_subnet()) = s;
    130. 

  130. 	subnet_add(owner, new);
    131. 

  131. 

  132. 	if(owner->status.reachable) {
    133. 

  133. 		subnet_update(owner, new, true);
    134. 

  134. 	}
    135. 

  135. 

  136. 	/* Tell the rest */
    137. 

  137. 

  138. 	forward_request(c);
    139. 

  139. 

  140. 	/* Fast handoff of roaming MAC addresses */
    141. 

  141. 

  142. 	if(s.type == SUBNET_MAC && owner != myself && (old = lookup_subnet(myself, &s)) && old->expires) {
    143. 

  143. 		old->expires = now;
    144. 

  144. 	}
    145. 

  145. 

  146. 	return true;
    147. 

  147. }
    148. 

  148. 

  149. bool send_del_subnet(connection_t *c, const subnet_t *s) {
    150. 

  150. 	char netstr[MAXNETSTR];
    151. 

  151. 

  152. 	if(!net2str(netstr, sizeof(netstr), s)) {
    153. 

  153. 		return false;
    154. 

  154. 	}
    155. 

  155. 

  156. 	return send_request(c, "%d %x %s %s", DEL_SUBNET, rand(), s->owner->name, netstr);
    157. 

  157. }
    158. 

  158. 

  159. bool del_subnet_h(connection_t *c) {
    160. 

  160. 	char subnetstr[MAX_STRING_SIZE];
    161. 

  161. 	char name[MAX_STRING_SIZE];
    162. 

  162. 	node_t *owner;
    163. 

  163. 	subnet_t s = {0}, *find;
    164. 

  164. 

  165. 	if(sscanf(c->buffer, "%*d %*x " MAX_STRING " " MAX_STRING, name, subnetstr) != 2) {
    166. 

  166. 		logger(LOG_ERR, "Got bad %s from %s (%s)", "DEL_SUBNET", c->name,
    167. 

  167. 		       c->hostname);
    168. 

  168. 		return false;
    169. 

  169. 	}
    170. 

  170. 

  171. 	/* Check if owner name is valid */
    172. 

  172. 

  173. 	if(!check_id(name)) {
    174. 

  174. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "DEL_SUBNET", c->name,
    175. 

  175. 		       c->hostname, "invalid name");
    176. 

  176. 		return false;
    177. 

  177. 	}
    178. 

  178. 

  179. 	/* Check if subnet string is valid */
    180. 

  180. 

  181. 	if(!str2net(&s, subnetstr)) {
    182. 

  182. 		logger(LOG_ERR, "Got bad %s from %s (%s): %s", "DEL_SUBNET", c->name,
    183. 

  183. 		       c->hostname, "invalid subnet string");
    184. 

  184. 		return false;
    185. 

  185. 	}
    186. 

  186. 

  187. 	if(seen_request(c->buffer)) {
    188. 

  188. 		return true;
    189. 

  189. 	}
    190. 

  190. 

  191. 	/* Check if the owner of the subnet being deleted is in the connection list */
    192. 

  192. 

  193. 	owner = lookup_node(name);
    194. 

  194. 

  195. 	if(tunnelserver && owner != myself && owner != c->node) {
    196. 

  196. 		/* in case of tunnelserver, ignore indirect subnet deletion */
    197. 

  197. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Ignoring indirect %s from %s (%s) for %s",
    198. 

  198. 		                         "DEL_SUBNET", c->name, c->hostname, subnetstr);
    199. 

  199. 		return true;
    200. 

  200. 	}
    201. 

  201. 

  202. 	if(!owner) {
    203. 

  203. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which is not in our node tree",
    204. 

  204. 		                         "DEL_SUBNET", c->name, c->hostname, name);
    205. 

  205. 		return true;
    206. 

  206. 	}
    207. 

  207. 

  208. 	/* If everything is correct, delete the subnet from the list of the owner */
    209. 

  209. 

  210. 	s.owner = owner;
    211. 

  211. 

  212. 	find = lookup_subnet(owner, &s);
    213. 

  213. 

  214. 	if(!find) {
    215. 

  215. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for %s which does not appear in his subnet tree",
    216. 

  216. 		                         "DEL_SUBNET", c->name, c->hostname, name);
    217. 

  217. 

  218. 		if(strictsubnets) {
    219. 

  219. 			forward_request(c);
    220. 

  220. 		}
    221. 

  221. 

  222. 		return true;
    223. 

  223. 	}
    224. 

  224. 

  225. 	/* If we are the owner of this subnet, retaliate with an ADD_SUBNET */
    226. 

  226. 

  227. 	if(owner == myself) {
    228. 

  228. 		ifdebug(PROTOCOL) logger(LOG_WARNING, "Got %s from %s (%s) for ourself",
    229. 

  229. 		                         "DEL_SUBNET", c->name, c->hostname);
    230. 

  230. 		send_add_subnet(c, find);
    231. 

  231. 		return true;
    232. 

  232. 	}
    233. 

  233. 

  234. 	if(tunnelserver) {
    235. 

  235. 		return true;
    236. 

  236. 	}
    237. 

  237. 

  238. 	/* Tell the rest */
    239. 

  239. 

  240. 	forward_request(c);
    241. 

  241. 

  242. 	if(strictsubnets) {
    243. 

  243. 		return true;
    244. 

  244. 	}
    245. 

  245. 

  246. 	/* Finally, delete it. */
    247. 

  247. 

  248. 	if(owner->status.reachable) {
    249. 

  249. 		subnet_update(owner, find, false);
    250. 

  250. 	}
    251. 

  251. 

  252. 	subnet_del(owner, find);
    253. 

  253. 

  254. 	return true;
    255. 

  255. }
    256.