summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Doxyfile.in2
-rw-r--r--cmake/config.cmake2
-rw-r--r--src/async.c4
-rw-r--r--src/config.c2
-rw-r--r--src/config.y2
-rw-r--r--src/fastd.c2
-rw-r--r--src/fastd.h8
-rw-r--r--src/fastd_config.h.in2
-rw-r--r--src/options.c2
-rw-r--r--src/options.def.h2
-rw-r--r--src/peer.c4
-rw-r--r--src/peer.h6
-rw-r--r--src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c2
-rw-r--r--src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h2
-rw-r--r--src/protocols/ec25519_fhmqvc/handshake.c6
-rw-r--r--src/verify.c4
-rw-r--r--src/verify.h4
17 files changed, 28 insertions, 28 deletions
diff --git a/Doxyfile.in b/Doxyfile.in
index 8acbb52..078a644 100644
--- a/Doxyfile.in
+++ b/Doxyfile.in
@@ -1945,7 +1945,7 @@ INCLUDE_FILE_PATTERNS =
PREDEFINED = __attribute__(x)= \
VECTOR(x):=VECTOR<x> \
WITH_CAPABILITIES \
- WITH_VERIFY \
+ WITH_DYNAMIC_PEERS \
WITH_CMDLINE_USER \
WITH_CMDLINE_LOGGING \
WITH_CMDLINE_OPERATION \
diff --git a/cmake/config.cmake b/cmake/config.cmake
index c40ee9f..c1fd68b 100644
--- a/cmake/config.cmake
+++ b/cmake/config.cmake
@@ -43,7 +43,7 @@ set(WITH_CMDLINE_LOGGING TRUE CACHE BOOL "Include support for setting logging re
set(WITH_CMDLINE_OPERATION TRUE CACHE BOOL "Include support for setting options related to the VPN operation (like mode, interface, encryption method) on the command line")
set(WITH_CMDLINE_COMMANDS TRUE CACHE BOOL "Include support for setting handler scripts (e.g. --on-up) on the command line")
-set(WITH_VERIFY TRUE CACHE BOOL "Include support for on-verify handlers")
+set(WITH_DYNAMIC_PEERS TRUE CACHE BOOL "Include support for dynamic peers (using on-verify handlers)")
set(MAX_CONFIG_DEPTH 10 CACHE STRING "Maximum config include depth")
diff --git a/src/async.c b/src/async.c
index 4348194..3ab5f5d 100644
--- a/src/async.c
+++ b/src/async.c
@@ -73,7 +73,7 @@ static void handle_resolve_return(const fastd_async_resolve_return_t *resolve_re
fastd_peer_handle_resolve(peer, remote, resolve_return->n_addr, resolve_return->addr);
}
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
/** Handles a on-verify response */
static void handle_verify_return(const fastd_async_verify_return_t *verify_return) {
@@ -123,7 +123,7 @@ void fastd_async_handle(void) {
handle_resolve_return((const fastd_async_resolve_return_t *)buf);
break;
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
case ASYNC_TYPE_VERIFY_RETURN:
handle_verify_return((const fastd_async_verify_return_t *)buf);
break;
diff --git a/src/config.c b/src/config.c
index daa2606..842e6cc 100644
--- a/src/config.c
+++ b/src/config.c
@@ -682,7 +682,7 @@ void fastd_config_release(void) {
fastd_shell_command_unset(&conf.on_connect);
fastd_shell_command_unset(&conf.on_establish);
fastd_shell_command_unset(&conf.on_disestablish);
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_shell_command_unset(&conf.on_verify);
#endif
diff --git a/src/config.y b/src/config.y
index 3513216..9b5d13d 100644
--- a/src/config.y
+++ b/src/config.y
@@ -412,7 +412,7 @@ on_disestablish: sync_def_async TOK_STRING {
;
on_verify: sync_def_async TOK_STRING {
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_shell_command_set(&conf.on_verify, $2->str, $1);
#else
fastd_config_error(&@$, state, "`on verify' is not supported by this version of fastd");
diff --git a/src/fastd.c b/src/fastd.c
index e7f7621..e39a1bc 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -536,7 +536,7 @@ static inline void init(int argc, char *argv[]) {
VECTOR_ALLOC(ctx.peers, 0);
VECTOR_ALLOC(ctx.async_pids, 0);
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_sem_init(&ctx.verify_limit, VERIFY_LIMIT);
#endif
diff --git a/src/fastd.h b/src/fastd.h
index fcd8676..ccc99b0 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -89,7 +89,7 @@ struct fastd_protocol {
/** Handles a handshake for the given peer */
void (*handshake_handle)(fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method);
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
/** Handles an asynchrounous on-verify command return */
void (*handle_verify_return)(fastd_peer_t *peer, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, const fastd_method_info_t *method, const void *protocol_data, bool ok);
#endif
@@ -217,7 +217,7 @@ struct fastd_config {
fastd_shell_command_t on_connect; /**< The command to execute before a handshake is sent to establish a new connection */
fastd_shell_command_t on_establish; /**< The command to execute when a new connection has been established */
fastd_shell_command_t on_disestablish; /**< The command to execute when a connection has been disestablished */
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_shell_command_t on_verify; /**< The command to execute to check if a connection from an unknown peer should be allowed */
#endif
@@ -246,7 +246,7 @@ struct fastd_context {
uint64_t next_peer_id; /**< An monotonously increasing ID peers are identified with in some components */
VECTOR(fastd_peer_t*) peers; /**< The currectly active peers */
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_sem_t verify_limit; /**< Keeps track of the number of verifier threads */
#endif
@@ -472,7 +472,7 @@ static inline void fastd_update_time(void) {
/** Checks if a on-verify command is set */
static inline bool fastd_allow_verify(void) {
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
return fastd_shell_command_isset(&conf.on_verify);
#else
return false;
diff --git a/src/fastd_config.h.in b/src/fastd_config.h.in
index ba57aca..0860ab7 100644
--- a/src/fastd_config.h.in
+++ b/src/fastd_config.h.in
@@ -83,7 +83,7 @@
#cmakedefine WITH_CMDLINE_COMMANDS
/** Defined if on-verify support is enabled */
-#cmakedefine WITH_VERIFY
+#cmakedefine WITH_DYNAMIC_PEERS
/** Defined if systemd support is enabled */
#cmakedefine ENABLE_SYSTEMD
diff --git a/src/options.c b/src/options.c
index bce724e..e3cf78a 100644
--- a/src/options.c
+++ b/src/options.c
@@ -353,7 +353,7 @@ static void option_on_disestablish(const char *arg) {
fastd_shell_command_set(&conf.on_disestablish, arg, false);
}
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
/** Handles the --on-verify option */
static void option_on_verify(const char *arg) {
diff --git a/src/options.def.h b/src/options.def.h
index 0f4c108..114b6e9 100644
--- a/src/options.def.h
+++ b/src/options.def.h
@@ -43,7 +43,7 @@ OPTION_ARG(option_on_post_down, "--on-post-down", "<command>", "Sets a shell com
OPTION_ARG(option_on_connect, "--on-connect", "<command>", "Sets a shell command to execute when a handshake is sent to establish a new connection");
OPTION_ARG(option_on_establish, "--on-establish", "<command>", "Sets a shell command to execute when a new connection is established");
OPTION_ARG(option_on_disestablish, "--on-disestablish", "<command>", "Sets a shell command to execute when a connection is lost");
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
OPTION_ARG(option_on_verify, "--on-verify", "<command>", "Sets a shell command to execute to check a connection attempt by an unknown peer");
#endif
SEPARATOR;
diff --git a/src/peer.c b/src/peer.c
index 20058fb..ac711f0 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -738,7 +738,7 @@ fastd_peer_t* fastd_peer_add(fastd_peer_config_t *peer_conf) {
pr_verbose("adding peer %P (group `%s')", peer, fastd_peer_get_group(peer)->name);
}
else {
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
if (!fastd_shell_command_isset(&conf.on_verify))
exit_bug("tried to add dynamic peer without on-verify command");
@@ -913,7 +913,7 @@ static bool maintain_peer(fastd_peer_t *peer) {
if (fastd_peer_is_dynamic(peer) || fastd_peer_is_established(peer)) {
/* check for peer timeout */
if (fastd_timed_out(&peer->timeout)) {
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
if (fastd_peer_is_dynamic(peer) &&
fastd_timed_out(&peer->verify_timeout) &&
fastd_timed_out(&peer->verify_valid_timeout)) {
diff --git a/src/peer.h b/src/peer.h
index 3451343..c73f2ea 100644
--- a/src/peer.h
+++ b/src/peer.h
@@ -73,7 +73,7 @@ struct fastd_peer {
struct timespec establish_handshake_timeout; /**< A timeout during which all handshakes for this peer will be ignored after a new connection has been established */
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
bool dynamic; /**< Specifies if the peer has been added dynamically by a on-verify script */
struct timespec verify_timeout; /**< Specifies the minimum time after which on-verify may be run again */
@@ -202,7 +202,7 @@ static inline void fastd_peer_unschedule_handshake(fastd_peer_t *peer) {
fastd_dlist_remove(&peer->handshake_entry);
}
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
/** Call to signal that there is currently an asychronous on-verify command running for the peer */
static inline void fastd_peer_set_verifying(fastd_peer_t *peer) {
peer->verify_timeout = fastd_in_seconds(MIN_VERIFY_INTERVAL);
@@ -231,7 +231,7 @@ static inline bool fastd_peer_is_floating(const fastd_peer_t *peer) {
/** Checks if a peer is not statically configured, but added after a on-verify run */
static inline bool fastd_peer_is_dynamic(const fastd_peer_t *peer UNUSED) {
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
return peer->dynamic;
#else
return false;
diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
index 67dfac6..d952a5e 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.c
@@ -223,7 +223,7 @@ const fastd_protocol_t fastd_protocol_ec25519_fhmqvc = {
.handshake_init = fastd_protocol_ec25519_fhmqvc_handshake_init,
.handshake_handle = fastd_protocol_ec25519_fhmqvc_handshake_handle,
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
.handle_verify_return = fastd_protocol_ec25519_fhmqvc_handle_verify_return,
#endif
diff --git a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
index b0101ac..529dd15 100644
--- a/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
+++ b/src/protocols/ec25519_fhmqvc/ec25519_fhmqvc.h
@@ -112,7 +112,7 @@ void fastd_protocol_ec25519_fhmqvc_free_peer_state(fastd_peer_t *peer);
void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer);
void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method);
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
void fastd_protocol_ec25519_fhmqvc_handle_verify_return(fastd_peer_t *peer, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, const fastd_method_info_t *method, const void *protocol_data, bool ok);
#endif
diff --git a/src/protocols/ec25519_fhmqvc/handshake.c b/src/protocols/ec25519_fhmqvc/handshake.c
index 7fcc40c..fb4fd1e 100644
--- a/src/protocols/ec25519_fhmqvc/handshake.c
+++ b/src/protocols/ec25519_fhmqvc/handshake.c
@@ -553,7 +553,7 @@ bool fastd_protocol_ec25519_fhmqvc_peer_check_dynamic(fastd_peer_t *peer) {
}
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
/** Data attached to an asynchronous on-verify run */
typedef struct verify_data {
@@ -635,7 +635,7 @@ static inline fastd_peer_t * add_dynamic(fastd_socket_t *sock UNUSED, const fast
return NULL;
}
-#endif /* WITH_VERIFY */
+#endif /* WITH_DYNAMIC_PEERS */
/** Handles a received handshake packet */
@@ -689,7 +689,7 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_socket_t *sock, const
}
}
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
if (fastd_peer_is_dynamic(peer)) {
if (!handle_dynamic(sock, local_addr, remote_addr, peer, handshake, method))
return;
diff --git a/src/verify.c b/src/verify.c
index 308104d..f8be3d9 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -33,7 +33,7 @@
#include "verify.h"
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
#include "async.h"
#include "shell.h"
@@ -142,4 +142,4 @@ fastd_tristate_t fastd_verify_peer(fastd_peer_t *peer, fastd_socket_t *sock, con
}
}
-#endif /* WITH_VERIFY */
+#endif /* WITH_DYNAMIC_PEERS */
diff --git a/src/verify.h b/src/verify.h
index c2b1ee3..f8d98a1 100644
--- a/src/verify.h
+++ b/src/verify.h
@@ -34,8 +34,8 @@
#include "types.h"
-#ifdef WITH_VERIFY
+#ifdef WITH_DYNAMIC_PEERS
fastd_tristate_t fastd_verify_peer(fastd_peer_t *peer, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, const fastd_method_info_t *method, const void *data, size_t data_len);
-#endif /* WITH_VERIFY */
+#endif /* WITH_DYNAMIC_PEERS */