-rw-r--r-- | src/config.c | 36 | ||||
-rw-r--r-- | src/config.y | 16 | ||||
-rw-r--r-- | src/fastd.h | 2 | ||||
-rw-r--r-- | src/peer.c | 54 | ||||
-rw-r--r-- | src/peer.h | 7 | ||||
-rw-r--r-- | src/printf.c | 42 | ||||
-rw-r--r-- | src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c | 35 | ||||
-rw-r--r-- | src/protocol_null.c | 35 |
8 files changed, 92 insertions, 135 deletions
diff --git a/src/config.c b/src/config.c index 0b5450d..b53a0b9 100644 --- a/src/config.c +++ b/src/config.c @@ -53,14 +53,7 @@ static void default_config(fastd_config *conf) { conf->ifname = NULL; memset(&conf->bind_addr_in, 0, sizeof(struct sockaddr_in)); - conf->bind_addr_in.sin_family = AF_UNSPEC; - conf->bind_addr_in.sin_port = 0; - conf->bind_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); - memset(&conf->bind_addr_in6, 0, sizeof(struct sockaddr_in6)); - conf->bind_addr_in6.sin6_family = AF_UNSPEC; - conf->bind_addr_in6.sin6_port = 0; - conf->bind_addr_in6.sin6_addr = in6addr_any; conf->mtu = 1500; conf->mode = MODE_TAP; @@ -135,7 +128,7 @@ void fastd_read_config(fastd_context *ctx, fastd_config *conf, const char *filen void fastd_configure(fastd_context *ctx, fastd_config *conf, int argc, char *const argv[]) { default_config(conf); - fastd_peer_config *current_peer; + fastd_peer_config *peer; int i = 1; const char *arg; long l; @@ -244,17 +237,8 @@ void fastd_configure(fastd_context *ctx, fastd_config *conf, int argc, char *con } IF_OPTION_ARG("-p", "--peer") { - current_peer = malloc(sizeof(fastd_peer_config)); - current_peer->next = conf->peers; - conf->peers = current_peer; - - current_peer->enabled = true; - current_peer->address.sa.sa_family = AF_UNSPEC; - current_peer->key = NULL; - current_peer->protocol_config = NULL; - + peer = fastd_peer_config_new(ctx, conf); - memset(¤t_peer->address, 0, sizeof(fastd_peer_address)); if (strcmp(arg, "float") == 0) continue; 
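Review bot: In `default_config` the bind addresses now get their family, port and wildcard address only from the two `memset` calls, and nothing in the function says this is intentional. It holds where `AF_UNSPEC`, `INADDR_ANY` and `in6addr_any` are all-zero, which is the case on common platforms but is not visible from the code. I would add a comment above the memsets such as `/* zeroed sockaddr == AF_UNSPEC, port 0, wildcard address */`. The memset in `fastd_peer_config_new` (peer.c) relies on the same thing, and there `fastd_peer_config_is_floating` compares the family against `AF_UNSPEC`. The function body continues outside the hunk.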
@@ -288,16 +272,16 @@ void fastd_configure(fastd_context *ctx, fastd_config *conf, int argc, char *con } if (arg[0] == '[') { - current_peer->address.in6.sin6_family = AF_INET6; - if (inet_pton(AF_INET6, addrstr, ¤t_peer->address.in6.sin6_addr) != 1) + peer->address.in6.sin6_family = AF_INET6; + if (inet_pton(AF_INET6, addrstr, &peer->address.in6.sin6_addr) != 1) exit_error(ctx, "invalid peer address `%s'", addrstr); - current_peer->address.in6.sin6_port = htons(l); + peer->address.in6.sin6_port = htons(l); } else { - current_peer->address.in.sin_family = AF_INET; - if (inet_pton(AF_INET, addrstr, ¤t_peer->address.in.sin_addr) != 1) + peer->address.in.sin_family = AF_INET; + if (inet_pton(AF_INET, addrstr, &peer->address.in.sin_addr) != 1) exit_error(ctx, "invalid peer address `%s'", addrstr); - current_peer->address.in.sin_port = htons(l); + peer->address.in.sin_port = htons(l); } free(addrstr); @@ -311,8 +295,8 @@ void fastd_configure(fastd_context *ctx, fastd_config *conf, int argc, char *con conf->n_v4 = 0; conf->n_v6 = 0; - for (current_peer = conf->peers; current_peer; current_peer = current_peer->next) { - switch (current_peer->address.sa.sa_family) { + for (peer = conf->peers; peer; peer = peer->next) { + switch (peer->address.sa.sa_family) { case AF_UNSPEC: conf->n_floating++; break; diff --git a/src/config.y b/src/config.y index 210a33d..6d005ac 100644 --- a/src/config.y +++ b/src/config.y @@ -103,7 +103,7 @@ mode: TOK_TAP { conf->mode = MODE_TAP; } | TOK_TUN { conf->mode = MODE_TUN; } ; -protocol: maybe_string { +protocol: TOK_STRING { if (!strcmp($1, "null")) conf->protocol = &fastd_protocol_null; #ifdef WITH_PROTOCOL_ECFXP 
@@ -119,16 +119,10 @@ secret: TOK_STRING { free(conf->secret); conf->secret = strdup($1); } ; peer: maybe_string { - fastd_peer_config *current_peer = malloc(sizeof(fastd_peer_config)); - current_peer->next = conf->peers; - conf->peers = current_peer; + fastd_peer_config_new(ctx, conf); - memset(¤t_peer->address, 0, sizeof(fastd_peer_address)); - - current_peer->enabled = true; - current_peer->address.sa.sa_family = AF_UNSPEC; - current_peer->key = NULL; - current_peer->protocol_config = NULL; + if ($1) + conf->peers->name = strdup($1); } ; @@ -161,7 +155,7 @@ include: TOK_STRING { fastd_read_config(ctx, conf, $1, depth); } maybe_string: TOK_STRING - | { $$ = ""; } + | { $$ = NULL; } ; maybe_port: ':' port { $$ = $2; } diff --git a/src/fastd.h b/src/fastd.h index b3d376e..5e7d4bc 100644 --- a/src/fastd.h +++ b/src/fastd.h @@ -65,8 +65,6 @@ struct _fastd_protocol { size_t (*min_encrypt_head_space)(fastd_context *ctx); size_t (*min_decrypt_head_space)(fastd_context *ctx); - char* (*peer_str)(const fastd_context *ctx, const fastd_peer *peer); - void (*init_peer)(fastd_context *ctx, fastd_peer *peer); void (*handle_recv)(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); @@ -31,24 +31,6 @@ #include "task.h" -const fastd_eth_addr* fastd_get_source_address(const fastd_context *ctx, fastd_buffer buffer) { - switch (ctx->conf->mode) { - case MODE_TAP: - return (fastd_eth_addr*)&((struct ethhdr*)buffer.data)->h_source; - default: - exit_bug(ctx, "invalid mode"); - } -} - -const fastd_eth_addr* fastd_get_dest_address(const fastd_context *ctx, fastd_buffer buffer) { - switch (ctx->conf->mode) { - case MODE_TAP: - return (fastd_eth_addr*)&((struct ethhdr*)buffer.data)->h_dest; - default: - exit_bug(ctx, "invalid mode"); - } -} - static inline void reset_peer(fastd_context *ctx, fastd_peer *peer) { ctx->conf->protocol->free_peer_state(ctx, peer); peer->protocol_state = NULL; 
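Review bot: The `peer` rule throws away the pointer returned by `fastd_peer_config_new` and then writes through `conf->peers`, which is only right as long as the helper keeps pushing onto the list head. The `strdup` result is also unchecked, so on allocation failure the configured name is silently dropped and the peer is later logged by address instead. I would keep the return value and fail loudly: `fastd_peer_config *peer = fastd_peer_config_new(ctx, conf);` followed by `if ($1 && !(peer->name = strdup($1))) exit_error(ctx, "out of memory");`. The name is later written to stderr verbatim by the `%P` case in printf.c, so if the lexer lets control characters into `TOK_STRING` (not visible in this diff), rejecting them here would keep log lines intact.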
@@ -81,6 +63,24 @@ static inline void setup_peer(fastd_context *ctx, fastd_peer *peer) { fastd_task_schedule_handshake(ctx, peer, 0); } + +fastd_peer_config* fastd_peer_config_new(fastd_context *ctx, fastd_config *conf) { + fastd_peer_config *peer = malloc(sizeof(fastd_peer_config)); + peer->enabled = true; + + memset(&peer->address, 0, sizeof(fastd_peer_address)); + + peer->name = NULL; + peer->key = NULL; + peer->protocol_config = NULL; + + peer->next = conf->peers; + conf->peers = peer; + + return peer; +} + + void fastd_peer_reset(fastd_context *ctx, fastd_peer *peer) { pr_debug(ctx, "resetting peer %P", peer); @@ -166,6 +166,24 @@ void fastd_peer_delete(fastd_context *ctx, fastd_peer *peer) { free(peer); } +const fastd_eth_addr* fastd_get_source_address(const fastd_context *ctx, fastd_buffer buffer) { + switch (ctx->conf->mode) { + case MODE_TAP: + return (fastd_eth_addr*)&((struct ethhdr*)buffer.data)->h_source; + default: + exit_bug(ctx, "invalid mode"); + } +} + +const fastd_eth_addr* fastd_get_dest_address(const fastd_context *ctx, fastd_buffer buffer) { + switch (ctx->conf->mode) { + case MODE_TAP: + return (fastd_eth_addr*)&((struct ethhdr*)buffer.data)->h_dest; + default: + exit_bug(ctx, "invalid mode"); + } +} + static inline int fastd_eth_addr_cmp(const fastd_eth_addr *addr1, const fastd_eth_addr *addr2) { return memcmp(addr1->data, addr2->data, ETH_ALEN); } @@ -56,6 +56,7 @@ struct _fastd_peer_config { fastd_peer_config *next; bool enabled; + char *name; fastd_peer_address address; char *key; 
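Review bot: `fastd_peer_config_new` writes `peer->enabled` on the line after `malloc` without checking the result, so an allocation failure during configuration becomes a NULL write instead of a clean exit. Adding `if (!peer) exit_error(ctx, "out of memory");` right after the allocation would fix that and give the otherwise unused `ctx` parameter a purpose. A short header comment would also help callers: the new entry is pushed onto the head of `conf->peers`, starts as floating because the address is zeroed, and has `name`, `key` and `protocol_config` set to NULL. No code in this diff frees `name`, so who owns and releases it is worth stating there as well.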
@@ -70,16 +71,16 @@ struct _fastd_peer_eth_addr { }; -const fastd_eth_addr* fastd_get_source_address(const fastd_context *ctx, fastd_buffer buffer); -const fastd_eth_addr* fastd_get_dest_address(const fastd_context *ctx, fastd_buffer buffer); +fastd_peer_config* fastd_peer_config_new(fastd_context *ctx, fastd_config *conf); -void fastd_peer_disable(fastd_context *ctx, fastd_peer *peer); void fastd_peer_reset(fastd_context *ctx, fastd_peer *peer); fastd_peer* fastd_peer_add(fastd_context *ctx, fastd_peer_config *conf); fastd_peer* fastd_peer_add_temp(fastd_context *ctx, const fastd_peer_address *address); fastd_peer* fastd_peer_merge(fastd_context *ctx, fastd_peer *perm_peer, fastd_peer *temp_peer); void fastd_peer_delete(fastd_context *ctx, fastd_peer *peer); +const fastd_eth_addr* fastd_get_source_address(const fastd_context *ctx, fastd_buffer buffer); +const fastd_eth_addr* fastd_get_dest_address(const fastd_context *ctx, fastd_buffer buffer); static inline bool fastd_peer_config_is_floating(const fastd_peer_config *config) { return (config->address.sa.sa_family == AF_UNSPEC); diff --git a/src/printf.c b/src/printf.c index bef598c..15ca844 100644 --- a/src/printf.c +++ b/src/printf.c 
@@ -26,10 +26,40 @@ #include "fastd.h" +#include "peer.h" #include <arpa/inet.h> +static void print_default_peer_str(const fastd_context *ctx, const fastd_peer *peer) { + char addr_buf[INET6_ADDRSTRLEN] = ""; + char pl = '<', pr = '>'; + + if (fastd_peer_is_temporary(peer)) { + pl = '{'; + pr = '}'; + } + + switch (peer->address.sa.sa_family) { + case AF_UNSPEC: + fprintf(stderr, "%cfloating%c", pl, pr); + return; + + case AF_INET: + if (inet_ntop(AF_INET, &peer->address.in.sin_addr, addr_buf, sizeof(addr_buf))) + fprintf(stderr, "%c%s:%u%c", pl, addr_buf, ntohs(peer->address.in.sin_port), pr); + return; + + case AF_INET6: + if (inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, addr_buf, sizeof(addr_buf))) + fprintf(stderr, "%c[%s]:%u%c", pl, addr_buf, ntohs(peer->address.in6.sin6_port), pr); + break; + + default: + exit_bug(ctx, "unsupported address family"); + } +} + #pragma GCC diagnostic ignored "-Wformat-security" void fastd_printf(const fastd_context *ctx, const char *format, ...) { @@ -51,6 +81,7 @@ void fastd_printf(const fastd_context *ctx, const char *format, ...) { bool finished = true; char addr_buf[INET6_ADDRSTRLEN]; void *p; + fastd_peer *peer; fastd_eth_addr *eth_addr; switch (str[len]) { @@ -180,12 +211,13 @@ void fastd_printf(const fastd_context *ctx, const char *format, ...) { break; case 'P': - p = va_arg(ap, void*); + peer = va_arg(ap, void*); - if (p) { - char* str = ctx->conf->protocol->peer_str(ctx, (fastd_peer*)p); - fprintf(stderr, "%s", str); - free(str); + if (peer) { + if (peer->config && peer->config->name) + fprintf(stderr, "%s", peer->config->name); + else + print_default_peer_str(ctx, peer); } else { fprintf(stderr, "(null)"); diff --git a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c index 3b466a7..6f59323 100644 --- a/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c +++ b/src/protocol_ec25519_fhmqvc_xsalsa20_poly1305.c 
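Review bot: In `print_default_peer_str` a failing `inet_ntop` prints nothing for the `AF_INET` and `AF_INET6` cases, so the `%P` position in a log line comes out empty and the peer cannot be identified from that entry. I would add a fallback on both branches, e.g. `else fprintf(stderr, "%c(invalid address)%c", pl, pr);`. The cases also end inconsistently (`return` for `AF_UNSPEC` and `AF_INET`, `break` for `AF_INET6`); using `break` throughout reads more clearly. A one-line comment that `<...>` marks a configured peer and `{...}` a temporary one would document the log format, since the `'P'` case in `fastd_printf` prints a configured `name` with no brackets at all.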
@@ -234,39 +234,6 @@ static size_t protocol_min_decrypt_head_space(fastd_context *ctx) { return (crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES - NONCEBYTES); } -static char* protocol_peer_str(const fastd_context *ctx, const fastd_peer *peer) { - char addr_buf[INET6_ADDRSTRLEN] = ""; - char *ret; - - const char *temp = fastd_peer_is_temporary(peer) ? " (temporary)" : ""; - - switch (peer->address.sa.sa_family) { - case AF_UNSPEC: - if (asprintf(&ret, "<floating>%s", temp) > 0) - return ret; - break; - - case AF_INET: - if (inet_ntop(AF_INET, &peer->address.in.sin_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "%s:%u%s", addr_buf, ntohs(peer->address.in.sin_port), temp) > 0) - return ret; - } - break; - - case AF_INET6: - if (inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "[%s]:%u%s", addr_buf, ntohs(peer->address.in6.sin6_port), temp) > 0) - return ret; - } - break; - - default: - exit_bug(ctx, "unsupported address family"); - } - - return NULL; -} - static void create_peer_state(fastd_context *ctx, fastd_peer *peer) { peer->protocol_state = malloc(sizeof(fastd_protocol_peer_state)); @@ -683,8 +650,6 @@ const fastd_protocol fastd_protocol_ec25519_fhmqvc_xsalsa20_poly1305 = { .min_encrypt_head_space = protocol_min_encrypt_head_space, .min_decrypt_head_space = protocol_min_decrypt_head_space, - .peer_str = protocol_peer_str, - .init_peer = protocol_init_peer, .handle_recv = protocol_handle_recv, .send = protocol_send, diff --git a/src/protocol_null.c b/src/protocol_null.c index 4772739..71957e2 100644 --- a/src/protocol_null.c +++ b/src/protocol_null.c 
@@ -47,39 +47,6 @@ static size_t protocol_min_head_space(fastd_context *ctx) { return 0; } -static char* protocol_peer_str(const fastd_context *ctx, const fastd_peer *peer) { - char addr_buf[INET6_ADDRSTRLEN] = ""; - char *ret; - - const char *temp = fastd_peer_is_temporary(peer) ? " (temporary)" : ""; - - switch (peer->address.sa.sa_family) { - case AF_UNSPEC: - if (asprintf(&ret, "<floating>%s", temp) > 0) - return ret; - break; - - case AF_INET: - if (inet_ntop(AF_INET, &peer->address.in.sin_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "%s:%u%s", addr_buf, ntohs(peer->address.in.sin_port), temp) > 0) - return ret; - } - break; - - case AF_INET6: - if (inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "[%s]:%u%s", addr_buf, ntohs(peer->address.in6.sin6_port), temp) > 0) - return ret; - } - break; - - default: - exit_bug(ctx, "unsupported address family"); - } - - return NULL; -} - static void protocol_init_peer(fastd_context *ctx, fastd_peer *peer) { pr_info(ctx, "Connection with %P established.", peer); @@ -131,8 +98,6 @@ const fastd_protocol fastd_protocol_null = { .min_encrypt_head_space = protocol_min_head_space, .min_decrypt_head_space = protocol_min_head_space, - .peer_str = protocol_peer_str, - .init_peer = protocol_init_peer, .handle_recv = protocol_handle_recv, .send = protocol_send, |