summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-02-27 04:42:50 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-02-27 04:42:50 +0100
commitddb4831f065b6e539d33051fb4c94711e06ed72f (patch)
tree8c2e74da542cce596f68c4fcdfd0f3462e1a513e
parent3fb7af313fbfef9e0b8195cc44b176dd3fccb15e (diff)
downloadfastd-ddb4831f065b6e539d33051fb4c94711e06ed72f.tar
fastd-ddb4831f065b6e539d33051fb4c94711e06ed72f.zip
Don't set the peer address for temporary peers before the session is actually established
Doing so could lead to duplicate address entries in different peers, causing very strange behaviour. Add additional parameters for the local and the peer address to fastd_shell_exec() to allow the on-verify script to use this information nevertheless.
-rw-r--r--src/fastd.c4
-rw-r--r--src/fastd.h2
-rw-r--r--src/peer.c16
-rw-r--r--src/peer.h4
-rw-r--r--src/protocol_ec25519_fhmqvc.c4
-rw-r--r--src/shell.c22
6 files changed, 25 insertions, 27 deletions
diff --git a/src/fastd.c b/src/fastd.c
index 89125a9..5b0316f 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -567,14 +567,14 @@ static inline void on_up(fastd_context_t *ctx) {
if (!ctx->conf->on_up)
return;
- fastd_shell_exec(ctx, NULL, ctx->conf->on_up, ctx->conf->on_up_dir, NULL);
+ fastd_shell_exec(ctx, ctx->conf->on_up, ctx->conf->on_up_dir, NULL, NULL, NULL, NULL);
}
static inline void on_down(fastd_context_t *ctx) {
if (!ctx->conf->on_down)
return;
- fastd_shell_exec(ctx, NULL, ctx->conf->on_down, ctx->conf->on_down_dir, NULL);
+ fastd_shell_exec(ctx, ctx->conf->on_down, ctx->conf->on_down_dir, NULL, NULL, NULL, NULL);
}
static fastd_peer_group_t* init_peer_group(const fastd_peer_group_config_t *config, fastd_peer_group_t *parent) {
diff --git a/src/fastd.h b/src/fastd.h
index 3ee445f..391b47a 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -332,7 +332,7 @@ void fastd_reconfigure(fastd_context_t *ctx, fastd_config_t *conf);
void fastd_cap_init(fastd_context_t *ctx);
void fastd_cap_drop(fastd_context_t *ctx);
-bool fastd_shell_exec(fastd_context_t *ctx, const fastd_peer_t *peer, const char *command, const char *dir, int *ret);
+bool fastd_shell_exec(fastd_context_t *ctx, const char *command, const char *dir, const fastd_peer_t *peer, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *peer_addr, int *ret);
void fastd_random_bytes(fastd_context_t *ctx, void *buffer, size_t len, bool secure);
diff --git a/src/peer.c b/src/peer.c
index e713cbe..a20e0c8 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -36,14 +36,14 @@ static inline void on_establish(fastd_context_t *ctx, const fastd_peer_t *peer)
if (!ctx->conf->on_establish)
return;
- fastd_shell_exec(ctx, peer, ctx->conf->on_establish, ctx->conf->on_establish_dir, NULL);
+ fastd_shell_exec(ctx, ctx->conf->on_establish, ctx->conf->on_establish_dir, peer, &peer->sock->addr->addr, &peer->address, NULL);
}
static inline void on_disestablish(fastd_context_t *ctx, const fastd_peer_t *peer) {
if (!ctx->conf->on_disestablish)
return;
- fastd_shell_exec(ctx, peer, ctx->conf->on_disestablish, ctx->conf->on_disestablish_dir, NULL);
+ fastd_shell_exec(ctx, ctx->conf->on_disestablish, ctx->conf->on_disestablish_dir, peer, &peer->sock->addr->addr, &peer->address, NULL);
}
static inline void free_socket(fastd_context_t *ctx, fastd_peer_t *peer) {
@@ -411,7 +411,7 @@ fastd_peer_t* fastd_peer_add(fastd_context_t *ctx, fastd_peer_config_t *peer_con
return peer;
}
-fastd_peer_t* fastd_peer_add_temporary(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *addr) {
+fastd_peer_t* fastd_peer_add_temporary(fastd_context_t *ctx) {
if (!ctx->conf->on_verify)
exit_bug(ctx, "tried to add temporary peer without on-verify command");
@@ -423,23 +423,21 @@ fastd_peer_t* fastd_peer_add_temporary(fastd_context_t *ctx, fastd_socket_t *soc
peer->config = NULL;
peer->group = ctx->peer_group;
peer->protocol_state = NULL;
- peer->sock = sock;
+ peer->sock = NULL;
peer->seen = ctx->now;
setup_peer(ctx, peer);
- peer->address = *addr;
-
- pr_debug(ctx, "adding temporary peer for %I", addr);
+ pr_debug(ctx, "adding temporary peer");
return peer;
}
-bool fastd_peer_verify_temporary(fastd_context_t *ctx, fastd_peer_t *peer) {
+bool fastd_peer_verify_temporary(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *peer_addr) {
if (!ctx->conf->on_verify)
exit_bug(ctx, "tried to verify temporary peer without on-verify command");
int ret;
- if (!fastd_shell_exec(ctx, peer, ctx->conf->on_verify, ctx->conf->on_verify_dir, &ret))
+ if (!fastd_shell_exec(ctx, ctx->conf->on_verify, ctx->conf->on_verify_dir, peer, local_addr, peer_addr, &ret))
return false;
if (WIFSIGNALED(ret)) {
diff --git a/src/peer.h b/src/peer.h
index eb72435..dde19dd 100644
--- a/src/peer.h
+++ b/src/peer.h
@@ -91,8 +91,8 @@ bool fastd_peer_config_equal(const fastd_peer_config_t *peer1, const fastd_peer_
void fastd_peer_reset(fastd_context_t *ctx, fastd_peer_t *peer);
void fastd_peer_delete(fastd_context_t *ctx, fastd_peer_t *peer);
fastd_peer_t* fastd_peer_add(fastd_context_t *ctx, fastd_peer_config_t *conf);
-fastd_peer_t* fastd_peer_add_temporary(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *addr);
-bool fastd_peer_verify_temporary(fastd_context_t *ctx, fastd_peer_t *peer);
+fastd_peer_t* fastd_peer_add_temporary(fastd_context_t *ctx);
+bool fastd_peer_verify_temporary(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *peer_addr);
void fastd_peer_enable_temporary(fastd_context_t *ctx, fastd_peer_t *peer);
void fastd_peer_set_established(fastd_context_t *ctx, fastd_peer_t *peer);
bool fastd_peer_may_connect(fastd_context_t *ctx, fastd_peer_t *peer);
diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c
index 4b0e997..061726f 100644
--- a/src/protocol_ec25519_fhmqvc.c
+++ b/src/protocol_ec25519_fhmqvc.c
@@ -568,7 +568,7 @@ static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, fastd_socket_t *
return NULL;
}
- fastd_peer_t *peer = fastd_peer_add_temporary(ctx, sock, address);
+ fastd_peer_t *peer = fastd_peer_add_temporary(ctx);
peer->protocol_config = malloc(sizeof(fastd_protocol_peer_config_t));
memcpy(peer->protocol_config->public_key.p, key, PUBLICKEYBYTES);
@@ -576,7 +576,7 @@ static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, fastd_socket_t *
/* Ugly hack */
peer->protocol_state->last_serial--;
- if (!fastd_peer_verify_temporary(ctx, peer)) {
+ if (!fastd_peer_verify_temporary(ctx, peer, &sock->addr->addr, address)) {
fastd_peer_delete(ctx, peer);
return NULL;
}
diff --git a/src/shell.c b/src/shell.c
index 93a07d6..80f925e 100644
--- a/src/shell.c
+++ b/src/shell.c
@@ -31,7 +31,7 @@
#include <arpa/inet.h>
-bool fastd_shell_exec(fastd_context_t *ctx, const fastd_peer_t *peer, const char *command, const char *dir, int *ret) {
+bool fastd_shell_exec(fastd_context_t *ctx, const char *command, const char *dir, const fastd_peer_t *peer, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *peer_addr, int *ret) {
int result = -1;
bool ok = false;
char *cwd = get_current_dir_name();
@@ -52,21 +52,21 @@ bool fastd_shell_exec(fastd_context_t *ctx, const fastd_peer_t *peer, const char
else
unsetenv("PEER_NAME");
- switch((peer && peer->sock) ? peer->sock->addr->addr.sa.sa_family : AF_UNSPEC) {
+ switch(local_addr ? local_addr->sa.sa_family : AF_UNSPEC) {
case AF_INET:
- inet_ntop(AF_INET, &peer->sock->addr->addr.in.sin_addr, buf, sizeof(buf));
+ inet_ntop(AF_INET, &local_addr->in.sin_addr, buf, sizeof(buf));
setenv("LOCAL_ADDRESS", buf, 1);
- snprintf(buf, sizeof(buf), "%u", ntohs(peer->sock->addr->addr.in.sin_port));
+ snprintf(buf, sizeof(buf), "%u", ntohs(local_addr->in.sin_port));
setenv("LOCAL_PORT", buf, 1);
break;
case AF_INET6:
- inet_ntop(AF_INET6, &peer->sock->addr->addr.in6.sin6_addr, buf, sizeof(buf));
+ inet_ntop(AF_INET6, &local_addr->in6.sin6_addr, buf, sizeof(buf));
setenv("LOCAL_ADDRESS", buf, 1);
- snprintf(buf, sizeof(buf), "%u", ntohs(peer->sock->addr->addr.in6.sin6_port));
+ snprintf(buf, sizeof(buf), "%u", ntohs(local_addr->in6.sin6_port));
setenv("LOCAL_PORT", buf, 1);
break;
@@ -76,21 +76,21 @@ bool fastd_shell_exec(fastd_context_t *ctx, const fastd_peer_t *peer, const char
unsetenv("LOCAL_PORT");
}
- switch(peer ? peer->address.sa.sa_family : AF_UNSPEC) {
+ switch(peer_addr ? peer_addr->sa.sa_family : AF_UNSPEC) {
case AF_INET:
- inet_ntop(AF_INET, &peer->address.in.sin_addr, buf, sizeof(buf));
+ inet_ntop(AF_INET, &peer_addr->in.sin_addr, buf, sizeof(buf));
setenv("PEER_ADDRESS", buf, 1);
- snprintf(buf, sizeof(buf), "%u", ntohs(peer->address.in.sin_port));
+ snprintf(buf, sizeof(buf), "%u", ntohs(peer_addr->in.sin_port));
setenv("PEER_PORT", buf, 1);
break;
case AF_INET6:
- inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, buf, sizeof(buf));
+ inet_ntop(AF_INET6, &peer_addr->in6.sin6_addr, buf, sizeof(buf));
setenv("PEER_ADDRESS", buf, 1);
- snprintf(buf, sizeof(buf), "%u", ntohs(peer->address.in6.sin6_port));
+ snprintf(buf, sizeof(buf), "%u", ntohs(peer_addr->in6.sin6_port));
setenv("PEER_PORT", buf, 1);
break;