Diffstat (limited to 'src/config.c')
-rw-r--r-- | src/config.c | 388 |
1 files changed, 197 insertions, 191 deletions
diff --git a/src/config.c b/src/config.c
index c38dc4c..fbddd7f 100644
--- a/src/config.c
+++ b/src/config.c
@@ -43,55 +43,58 @@ #include <sys/types.h> +fastd_config_t conf = {}; + + extern const fastd_protocol_t fastd_protocol_ec25519_fhmqvc; -static void default_config(fastd_config_t *conf) { - memset(conf, 0, sizeof(fastd_config_t)); +static void default_config(void) { + memset(&conf, 0, sizeof(fastd_config_t)); - conf->log_syslog_ident = strdup("fastd"); + conf.log_syslog_ident = strdup("fastd"); - conf->maintenance_interval = 10; - conf->keepalive_timeout = 15; - conf->peer_stale_time = 90; - conf->eth_addr_stale_time = 300; + conf.maintenance_interval = 10; + conf.keepalive_timeout = 15; + conf.peer_stale_time = 90; + conf.eth_addr_stale_time = 300; - conf->reorder_time = 10; + conf.reorder_time = 10; - conf->min_handshake_interval = 15; - conf->min_resolve_interval = 15; + conf.min_handshake_interval = 15; + conf.min_resolve_interval = 15; - conf->mtu = 1500; - conf->mode = MODE_TAP; + conf.mtu = 1500; + conf.mode = MODE_TAP; - conf->secure_handshakes = true; - conf->drop_caps = DROP_CAPS_ON; + conf.secure_handshakes = true; + conf.drop_caps = DROP_CAPS_ON; - conf->protocol = &fastd_protocol_ec25519_fhmqvc; - conf->key_valid = 3600; /* 60 minutes */ - conf->key_valid_old = 60; /* 1 minute */ - conf->key_refresh = 3300; /* 55 minutes */ - conf->key_refresh_splay = 300; /* 5 minutes */ + conf.protocol = &fastd_protocol_ec25519_fhmqvc; + conf.key_valid = 3600; /* 60 minutes */ + conf.key_valid_old = 60; /* 1 minute */ + conf.key_refresh = 3300; /* 55 minutes */ + conf.key_refresh_splay = 300; /* 5 minutes */ - conf->peer_group = calloc(1, sizeof(fastd_peer_group_config_t)); - conf->peer_group->name = strdup("default"); - conf->peer_group->max_connections = -1; + conf.peer_group = calloc(1, sizeof(fastd_peer_group_config_t)); + conf.peer_group->name = strdup("default"); + conf.peer_group->max_connections = -1; - conf->ciphers = fastd_cipher_config_alloc(); - conf->macs = fastd_mac_config_alloc(); + conf.ciphers = fastd_cipher_config_alloc(); + conf.macs = 
fastd_mac_config_alloc(); } -void fastd_config_protocol(fastd_context_t *ctx UNUSED, fastd_config_t *conf, const char *name) { +void fastd_config_protocol(fastd_context_t *ctx UNUSED, const char *name) { if (!strcmp(name, "ec25519-fhmqvc")) - conf->protocol = &fastd_protocol_ec25519_fhmqvc; + conf.protocol = &fastd_protocol_ec25519_fhmqvc; else exit_error(ctx, "config error: protocol `%s' not supported", name); } -void fastd_config_method(fastd_context_t *ctx, fastd_config_t *conf, const char *name) { +void fastd_config_method(fastd_context_t *ctx, const char *name) { fastd_string_stack_t **method; - for (method = &conf->method_list; *method; method = &(*method)->next) { + for (method = &conf.method_list; *method; method = &(*method)->next) { if (!strcmp((*method)->str, name)) { pr_debug(ctx, "duplicate method name `%s', ignoring", name); return; 
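Review bot: In default_config, `conf.peer_group = calloc(1, sizeof(fastd_peer_group_config_t));` is dereferenced on the very next line (`conf.peer_group->name = strdup("default");`) without a NULL check, so an allocation failure at startup becomes a NULL-pointer write instead of a clean error. default_config has no context argument, so a guard such as `if (!conf.peer_group) abort();` directly after the calloc is the smallest fix; the two strdup results could be checked the same way. The same unchecked pattern is on the new side of the third hunk, at `malloc(sizeof(fastd_bind_address_t))` in fastd_config_bind_address and at `calloc(1, sizeof(fastd_peer_group_config_t))` in fastd_config_peer_group_push.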
@@ -101,17 +104,17 @@ void fastd_config_method(fastd_context_t *ctx, fastd_config_t *conf, const char *method = fastd_string_stack_dup(name); } -void fastd_config_cipher(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl) { - if (!fastd_cipher_config(conf->ciphers, name, impl)) +void fastd_config_cipher(fastd_context_t *ctx, const char *name, const char *impl) { + if (!fastd_cipher_config(conf.ciphers, name, impl)) exit_error(ctx, "config error: implementation `%s' is not supported for cipher `%s' (or cipher `%s' is not supported)", impl, name, name); } -void fastd_config_mac(fastd_context_t *ctx, fastd_config_t *conf, const char *name, const char *impl) { - if (!fastd_mac_config(conf->macs, name, impl)) +void fastd_config_mac(fastd_context_t *ctx, const char *name, const char *impl) { + if (!fastd_mac_config(conf.macs, name, impl)) exit_error(ctx, "config error: implementation `%s' is not supported for MAC `%s' (or MAC `%s' is not supported)", impl, name, name); } -void fastd_config_bind_address(fastd_context_t *ctx UNUSED, fastd_config_t *conf, const fastd_peer_address_t *address, const char *bindtodev, bool default_v4, bool default_v6) { +void fastd_config_bind_address(fastd_context_t *ctx UNUSED, const fastd_peer_address_t *address, const char *bindtodev, bool default_v4, bool default_v6) { #ifndef USE_BINDTODEVICE if (bindtodev && !fastd_peer_address_is_v6_ll(address)) exit_error(ctx, "config error: device bind configuration not supported on this system"); 
@@ -122,44 +125,44 @@ void fastd_config_bind_address(fastd_context_t *ctx UNUSED, fastd_config_t *conf fastd_peer_address_t addr4 = { .in = { .sin_family = AF_INET, .sin_port = address->in.sin_port } }; fastd_peer_address_t addr6 = { .in6 = { .sin6_family = AF_INET6, .sin6_port = address->in.sin_port } }; - fastd_config_bind_address(ctx, conf, &addr4, bindtodev, default_v4, default_v6); - fastd_config_bind_address(ctx, conf, &addr6, bindtodev, default_v4, default_v6); + fastd_config_bind_address(ctx, &addr4, bindtodev, default_v4, default_v6); + fastd_config_bind_address(ctx, &addr6, bindtodev, default_v4, default_v6); return; } #endif fastd_bind_address_t *addr = malloc(sizeof(fastd_bind_address_t)); - addr->next = conf->bind_addrs; - conf->bind_addrs = addr; - conf->n_bind_addrs++; + addr->next = conf.bind_addrs; + conf.bind_addrs = addr; + conf.n_bind_addrs++; addr->addr = *address; addr->bindtodev = bindtodev ? strdup(bindtodev) : NULL; fastd_peer_address_simplify(&addr->addr); - if (addr->addr.sa.sa_family != AF_INET6 && (default_v4 || !conf->bind_addr_default_v4)) - conf->bind_addr_default_v4 = addr; + if (addr->addr.sa.sa_family != AF_INET6 && (default_v4 || !conf.bind_addr_default_v4)) + conf.bind_addr_default_v4 = addr; - if (addr->addr.sa.sa_family != AF_INET && (default_v6 || !conf->bind_addr_default_v6)) - conf->bind_addr_default_v6 = addr; + if (addr->addr.sa.sa_family != AF_INET && (default_v6 || !conf.bind_addr_default_v6)) + conf.bind_addr_default_v6 = addr; } -void fastd_config_peer_group_push(fastd_context_t *ctx UNUSED, fastd_config_t *conf, const char *name) { +void fastd_config_peer_group_push(fastd_context_t *ctx UNUSED, const char *name) { fastd_peer_group_config_t *group = calloc(1, sizeof(fastd_peer_group_config_t)); group->name = strdup(name); group->max_connections = -1; - group->parent = conf->peer_group; + group->parent = conf.peer_group; group->next = group->parent->children; group->parent->children = group; - conf->peer_group = group; 
+ conf.peer_group = group; } -void fastd_config_peer_group_pop(fastd_context_t *ctx UNUSED, fastd_config_t *conf) { - conf->peer_group = conf->peer_group->parent; +void fastd_config_peer_group_pop(fastd_context_t *ctx UNUSED) { + conf.peer_group = conf.peer_group->parent; } static void free_peer_group(fastd_peer_group_config_t *group) { @@ -187,7 +190,7 @@ static bool has_peer_group_peer_dirs(const fastd_peer_group_config_t *group) { return false; } -void fastd_config_add_log_file(fastd_context_t *ctx, fastd_config_t *conf, const char *name, fastd_loglevel_t level) { +void fastd_config_add_log_file(fastd_context_t *ctx, const char *name, fastd_loglevel_t level) { char *name2 = strdup(name); char *name3 = strdup(name); @@ -208,8 +211,8 @@ void fastd_config_add_log_file(fastd_context_t *ctx, fastd_config_t *conf, const file->level = level; - file->next = conf->log_files; - conf->log_files = file; + file->next = conf.log_files; + conf.log_files = file; if(chdir(oldcwd)) pr_error(ctx, "can't chdir to `%s': %s", oldcwd, strerror(errno)); @@ -225,7 +228,7 @@ void fastd_config_add_log_file(fastd_context_t *ctx, fastd_config_t *conf, const free(name3); } -static void read_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char *dir) { +static void read_peer_dir(fastd_context_t *ctx, const char *dir) { DIR *dirh = opendir("."); if (dirh) { @@ -257,13 +260,13 @@ static void read_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char continue; } - fastd_peer_config_new(ctx, conf); - conf->peers->name = strdup(result->d_name); - conf->peers->config_source_dir = dir; + fastd_peer_config_new(ctx); + conf.peers->name = strdup(result->d_name); + conf.peers->config_source_dir = dir; - if (!fastd_read_config(ctx, conf, result->d_name, true, 0)) { + if (!fastd_read_config(ctx, result->d_name, true, 0)) { pr_warn(ctx, "peer config `%s' will be ignored", result->d_name); - fastd_peer_config_delete(ctx, conf); + fastd_peer_config_delete(ctx); } } 
@@ -276,13 +279,13 @@ static void read_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char } } -static void read_peer_dirs(fastd_context_t *ctx, fastd_config_t *conf) { +static void read_peer_dirs(fastd_context_t *ctx) { char *oldcwd = get_current_dir_name(); fastd_string_stack_t *dir; - for (dir = conf->peer_group->peer_dirs; dir; dir = dir->next) { + for (dir = conf.peer_group->peer_dirs; dir; dir = dir->next) { if (!chdir(dir->str)) - read_peer_dir(ctx, conf, dir->str); + read_peer_dir(ctx, dir->str); else pr_error(ctx, "change from directory `%s' to `%s' failed: %s", oldcwd, dir->str, strerror(errno)); } @@ -293,12 +296,12 @@ static void read_peer_dirs(fastd_context_t *ctx, fastd_config_t *conf) { free(oldcwd); } -void fastd_add_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char *dir) { +void fastd_add_peer_dir(fastd_context_t *ctx, const char *dir) { char *oldcwd = get_current_dir_name(); if (!chdir(dir)) { char *newdir = get_current_dir_name(); - conf->peer_group->peer_dirs = fastd_string_stack_push(conf->peer_group->peer_dirs, newdir); + conf.peer_group->peer_dirs = fastd_string_stack_push(conf.peer_group->peer_dirs, newdir); free(newdir); if(chdir(oldcwd)) @@ -311,7 +314,7 @@ void fastd_add_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, const char * free(oldcwd); } -bool fastd_read_config(fastd_context_t *ctx, fastd_config_t *conf, const char *filename, bool peer_config, int depth) { +bool fastd_read_config(fastd_context_t *ctx, const char *filename, bool peer_config, int depth) { if (depth >= MAX_CONFIG_DEPTH) exit_error(ctx, "maximum config include depth exceeded"); 
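Review bot: In fastd_add_peer_dir (the hunk at -293), `newdir` from `get_current_dir_name()` is passed to `fastd_string_stack_push` without a NULL check, and `oldcwd` is later handed to `chdir()` unchecked as well. get_current_dir_name() returns NULL on allocation failure or when the working directory cannot be resolved, e.g. after it has been removed. A guard such as `if (!newdir) exit_errno(ctx, "get_current_dir_name");` before the push keeps a NULL out of the global `conf.peer_group->peer_dirs`; read_peer_dirs in the hunk before uses `oldcwd` in the same unchecked way. Both function bodies continue outside the hunks shown.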
@@ -358,9 +361,9 @@ bool fastd_read_config(fastd_context_t *ctx, fastd_config_t *conf, const char *f if (peer_config) token = START_PEER_CONFIG; else - token = conf->peer_group->parent ? START_PEER_GROUP_CONFIG : START_CONFIG; + token = conf.peer_group->parent ? START_PEER_GROUP_CONFIG : START_CONFIG; - int parse_ret = fastd_config_push_parse(ps, token, &token_val, &loc, ctx, conf, filename, depth+1); + int parse_ret = fastd_config_push_parse(ps, token, &token_val, &loc, ctx, filename, depth+1); while(parse_ret == YYPUSH_MORE) { token = fastd_lex(&token_val, &loc, lex); @@ -376,7 +379,7 @@ bool fastd_read_config(fastd_context_t *ctx, fastd_config_t *conf, const char *f strings = token_val.str; } - parse_ret = fastd_config_push_parse(ps, token, &token_val, &loc, ctx, conf, filename, depth+1); + parse_ret = fastd_config_push_parse(ps, token, &token_val, &loc, ctx, filename, depth+1); } if (parse_ret) @@ -400,13 +403,13 @@ bool fastd_read_config(fastd_context_t *ctx, fastd_config_t *conf, const char *f return ret; } -static void assess_peers(fastd_context_t *ctx, fastd_config_t *conf) { - conf->has_floating = false; +static void assess_peers(fastd_context_t *ctx) { + conf.has_floating = false; fastd_peer_config_t *peer; - for (peer = conf->peers; peer; peer = peer->next) { + for (peer = conf.peers; peer; peer = peer->next) { if (fastd_peer_config_is_floating(peer)) - conf->has_floating = true; + conf.has_floating = true; if (peer->dynamic_float_deprecated) pr_warn(ctx, "peer `%s' uses deprecated float syntax, please update your configuration", peer->name); 
@@ -414,18 +417,18 @@ static void assess_peers(fastd_context_t *ctx, fastd_config_t *conf) { } -static void configure_user(fastd_context_t *ctx, fastd_config_t *conf) { - conf->uid = getuid(); - conf->gid = getgid(); +static void configure_user(fastd_context_t *ctx) { + conf.uid = getuid(); + conf.gid = getgid(); - if (conf->user) { + if (conf.user) { struct passwd pwd, *pwdr; size_t bufspace = 1024; int error; do { char buf[bufspace]; - error = getpwnam_r(conf->user, &pwd, buf, bufspace, &pwdr); + error = getpwnam_r(conf.user, &pwd, buf, bufspace, &pwdr); bufspace *= 2; } while(error == ERANGE); @@ -433,20 +436,20 @@ static void configure_user(fastd_context_t *ctx, fastd_config_t *conf) { exit_errno(ctx, "getpwnam_r"); if (!pwdr) - exit_error(ctx, "config error: unable to find user `%s'.", conf->user); + exit_error(ctx, "config error: unable to find user `%s'.", conf.user); - conf->uid = pwdr->pw_uid; - conf->gid = pwdr->pw_gid; + conf.uid = pwdr->pw_uid; + conf.gid = pwdr->pw_gid; } - if (conf->group) { + if (conf.group) { struct group grp, *grpr; size_t bufspace = 1024; int error; do { char buf[bufspace]; - error = getgrnam_r(conf->group, &grp, buf, bufspace, &grpr); + error = getgrnam_r(conf.group, &grp, buf, bufspace, &grpr); bufspace *= 2; } while(error == ERANGE); 
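Review bot: In configure_user, `char buf[bufspace];` is a variable-length array whose size doubles on every `ERANGE` with no upper bound, so the retry loop around `getpwnam_r(conf.user, ...)` can grow the stack frame without limit when the lookup keeps reporting a too-small buffer. Bounding the retry, e.g. `} while (error == ERANGE && bufspace <= 65536);` (65536 is an example limit, not a project constant), lets the loop fall through to the `exit_errno(ctx, "getpwnam_r")` path, which is presumably guarded by an error check between the hunks. A heap buffer would avoid the VLA altogether. The `getgrnam_r` loop in the following hunk has the same shape and needs the same bound.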
@@ -454,146 +457,146 @@ static void configure_user(fastd_context_t *ctx, fastd_config_t *conf) { exit_errno(ctx, "getgrnam_r"); if (!grpr) - exit_error(ctx, "config error: unable to find group `%s'.", conf->group); + exit_error(ctx, "config error: unable to find group `%s'.", conf.group); - conf->gid = grpr->gr_gid; + conf.gid = grpr->gr_gid; } - if (conf->user) { + if (conf.user) { int ngroups = 0; - if (getgrouplist(conf->user, conf->gid, NULL, &ngroups) < 0) { + if (getgrouplist(conf.user, conf.gid, NULL, &ngroups) < 0) { /* the user has supplementary groups */ - conf->groups = calloc(ngroups, sizeof(gid_t)); - if (getgrouplist(conf->user, conf->gid, conf->groups, &ngroups) < 0) + conf.groups = calloc(ngroups, sizeof(gid_t)); + if (getgrouplist(conf.user, conf.gid, conf.groups, &ngroups) < 0) exit_errno(ctx, "getgrouplist"); - conf->n_groups = ngroups; + conf.n_groups = ngroups; } } } -static void configure_method_parameters(fastd_config_t *conf) { - conf->max_overhead = 0; - conf->min_encrypt_head_space = 0; - conf->min_decrypt_head_space = 0; - conf->min_encrypt_tail_space = 0; - conf->min_decrypt_tail_space = 0; +static void configure_method_parameters(void) { + conf.max_overhead = 0; + conf.min_encrypt_head_space = 0; + conf.min_decrypt_head_space = 0; + conf.min_encrypt_tail_space = 0; + conf.min_decrypt_tail_space = 0; size_t i; - for (i = 0; conf->methods[i].name; i++) { - const fastd_method_provider_t *provider = conf->methods[i].provider; - - conf->max_overhead = max_size_t(conf->max_overhead, provider->max_overhead); - conf->min_encrypt_head_space = max_size_t(conf->min_encrypt_head_space, provider->min_encrypt_head_space); - conf->min_decrypt_head_space = max_size_t(conf->min_decrypt_head_space, provider->min_decrypt_head_space); - conf->min_encrypt_tail_space = max_size_t(conf->min_encrypt_tail_space, provider->min_encrypt_tail_space); - conf->min_decrypt_tail_space = max_size_t(conf->min_decrypt_tail_space, provider->min_decrypt_tail_space); + for 
(i = 0; conf.methods[i].name; i++) { + const fastd_method_provider_t *provider = conf.methods[i].provider; + + conf.max_overhead = max_size_t(conf.max_overhead, provider->max_overhead); + conf.min_encrypt_head_space = max_size_t(conf.min_encrypt_head_space, provider->min_encrypt_head_space); + conf.min_decrypt_head_space = max_size_t(conf.min_decrypt_head_space, provider->min_decrypt_head_space); + conf.min_encrypt_tail_space = max_size_t(conf.min_encrypt_tail_space, provider->min_encrypt_tail_space); + conf.min_decrypt_tail_space = max_size_t(conf.min_decrypt_tail_space, provider->min_decrypt_tail_space); } - conf->min_encrypt_head_space = alignto(conf->min_encrypt_head_space, 16); + conf.min_encrypt_head_space = alignto(conf.min_encrypt_head_space, 16); /* ugly hack to get alignment right for aes128-gcm, which needs data aligned to 16 and has a 24 byte header */ - conf->min_decrypt_head_space = alignto(conf->min_decrypt_head_space, 16) + 8; + conf.min_decrypt_head_space = alignto(conf.min_decrypt_head_space, 16) + 8; } -static void configure_methods(fastd_context_t *ctx, fastd_config_t *conf) { +static void configure_methods(fastd_context_t *ctx) { size_t n_methods = 0, i; fastd_string_stack_t *method_name; - for (method_name = conf->method_list; method_name; method_name = method_name->next) + for (method_name = conf.method_list; method_name; method_name = method_name->next) n_methods++; - conf->methods = calloc(n_methods+1, sizeof(fastd_method_info_t)); + conf.methods = calloc(n_methods+1, sizeof(fastd_method_info_t)); - for (i = 0, method_name = conf->method_list; method_name; i++, method_name = method_name->next) { - conf->methods[i].name = method_name->str; - if (!fastd_method_create_by_name(method_name->str, &conf->methods[i].provider, &conf->methods[i].method)) + for (i = 0, method_name = conf.method_list; method_name; i++, method_name = method_name->next) { + conf.methods[i].name = method_name->str; + if (!fastd_method_create_by_name(method_name->str, 
&conf.methods[i].provider, &conf.methods[i].method)) exit_error(ctx, "config error: method `%s' not supported", method_name->str); } - configure_method_parameters(conf); + configure_method_parameters(); } -static void destroy_methods(fastd_config_t *conf) { +static void destroy_methods(void) { size_t i; - for (i = 0; conf->methods[i].name; i++) { - conf->methods[i].provider->destroy(conf->methods[i].method); + for (i = 0; conf.methods[i].name; i++) { + conf.methods[i].provider->destroy(conf.methods[i].method); } - free(conf->methods); + free(conf.methods); } -void fastd_configure(fastd_context_t *ctx, fastd_config_t *conf, int argc, char *const argv[]) { - default_config(conf); +void fastd_configure(fastd_context_t *ctx, int argc, char *const argv[]) { + default_config(); - fastd_config_handle_options(ctx, conf, argc, argv); + fastd_config_handle_options(ctx, argc, argv); - if (!conf->log_stderr_level && !conf->log_syslog_level && !conf->log_files) - conf->log_stderr_level = FASTD_DEFAULT_LOG_LEVEL; + if (!conf.log_stderr_level && !conf.log_syslog_level && !conf.log_files) + conf.log_stderr_level = FASTD_DEFAULT_LOG_LEVEL; } -static void config_check_base(fastd_context_t *ctx, fastd_config_t *conf) { - if (conf->ifname) { - if (strchr(conf->ifname, '/')) +static void config_check_base(fastd_context_t *ctx) { + if (conf.ifname) { + if (strchr(conf.ifname, '/')) exit_error(ctx, "config error: invalid interface name"); } - if (conf->mode == MODE_TUN) { - if (conf->peers->next) + if (conf.mode == MODE_TUN) { + if (conf.peers->next) exit_error(ctx, "config error: in TUN mode exactly one peer must be configured"); - if (conf->peer_group->children) + if (conf.peer_group->children) exit_error(ctx, "config error: in TUN mode peer groups can't be used"); - if (has_peer_group_peer_dirs(conf->peer_group)) + if (has_peer_group_peer_dirs(conf.peer_group)) exit_error(ctx, "config error: in TUN mode peer directories can't be used"); } #ifndef USE_PMTU - if (conf->pmtu.set) + if 
(conf.pmtu.set) exit_error(ctx, "config error: setting pmtu is not supported on this system"); #endif #ifndef USE_PACKET_MARK - if (conf->packet_mark) + if (conf.packet_mark) exit_error(ctx, "config error: setting a packet mark is not supported on this system"); #endif } -void fastd_config_check(fastd_context_t *ctx, fastd_config_t *conf) { - config_check_base(ctx, conf); +void fastd_config_check(fastd_context_t *ctx) { + config_check_base(ctx); - if (conf->mode == MODE_TUN) { - if (!conf->peers) + if (conf.mode == MODE_TUN) { + if (!conf.peers) exit_error(ctx, "config error: in TUN mode exactly one peer must be configured"); } - if (!conf->peers && !has_peer_group_peer_dirs(conf->peer_group)) + if (!conf.peers && !has_peer_group_peer_dirs(conf.peer_group)) exit_error(ctx, "config error: neither fixed peers nor peer dirs have been configured"); - if (!conf->method_list) { + if (!conf.method_list) { pr_warn(ctx, "no encryption method configured, falling back to method `null' (unencrypted)"); - fastd_config_method(ctx, conf, "null"); + fastd_config_method(ctx, "null"); } - configure_user(ctx, conf); - configure_methods(ctx, conf); + configure_user(ctx); + configure_methods(ctx); } -void fastd_config_verify(fastd_context_t *ctx, fastd_config_t *conf) { - config_check_base(ctx, conf); - configure_methods(ctx, conf); +void fastd_config_verify(fastd_context_t *ctx) { + config_check_base(ctx); + configure_methods(ctx); fastd_peer_config_t *peer; - for (peer = conf->peers; peer; peer = peer->next) - conf->protocol->peer_verify(ctx, peer); + for (peer = conf.peers; peer; peer = peer->next) + conf.protocol->peer_verify(ctx, peer); } -static void peer_dirs_read_peer_group(fastd_context_t *ctx, fastd_config_t *new_conf) { - read_peer_dirs(ctx, new_conf); +static void peer_dirs_read_peer_group(fastd_context_t *ctx) { + read_peer_dirs(ctx); fastd_peer_group_config_t *group; - for (group = new_conf->peer_group->children; group; group = group->next) { - new_conf->peer_group = 
group; - peer_dirs_read_peer_group(ctx, new_conf); + for (group = conf.peer_group->children; group; group = group->next) { + conf.peer_group = group; + peer_dirs_read_peer_group(ctx); } } 
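Review bot: peer_dirs_read_peer_group now assigns `conf.peer_group = group;` on the global while walking the children and never puts the previous value back, so whenever a group has children `conf.peer_group` is left pointing at the last group visited rather than the root. Before this change the walk ran on a temporary `fastd_config_t`, which left the real peer group pointer untouched; fastd_config_load_peer_dirs in the last hunk saves and restores only `conf.peers`. Later users of the pointer visible in this diff, such as `free_peer_group(conf.peer_group)` in fastd_config_release and the next read_peer_dirs pass, would then see only a subtree. Saving it first with `fastd_peer_group_config_t *base = conf.peer_group;` and ending the function with `conf.peer_group = base;` restores the old behaviour.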
@@ -653,58 +656,61 @@ static void peer_dirs_handle_new_peers(fastd_context_t *ctx UNUSED, fastd_peer_c } } -void fastd_config_load_peer_dirs(fastd_context_t *ctx, fastd_config_t *conf) { - fastd_config_t temp_conf; - temp_conf.peer_group = conf->peer_group; - temp_conf.peers = NULL; +void fastd_config_load_peer_dirs(fastd_context_t *ctx) { + fastd_peer_config_t *old_peers = conf.peers; + conf.peers = NULL; + + peer_dirs_read_peer_group(ctx); + + fastd_peer_config_t *new_peers = conf.peers; + conf.peers = old_peers; - peer_dirs_read_peer_group(ctx, &temp_conf); - peer_dirs_handle_old_peers(ctx, &conf->peers, &temp_conf.peers); - peer_dirs_handle_new_peers(ctx, &conf->peers, temp_conf.peers); + peer_dirs_handle_old_peers(ctx, &conf.peers, &new_peers); + peer_dirs_handle_new_peers(ctx, &conf.peers, new_peers); - assess_peers(ctx, conf); + assess_peers(ctx); } -void fastd_config_release(fastd_context_t *ctx, fastd_config_t *conf) { - while (conf->peers) - fastd_peer_config_delete(ctx, conf); +void fastd_config_release(fastd_context_t *ctx) { + while (conf.peers) + fastd_peer_config_delete(ctx); - while (conf->log_files) { - fastd_log_file_t *next = conf->log_files->next; - free(conf->log_files->filename); - free(conf->log_files); - conf->log_files = next; + while (conf.log_files) { + fastd_log_file_t *next = conf.log_files->next; + free(conf.log_files->filename); + free(conf.log_files); + conf.log_files = next; } - while (conf->bind_addrs) { - fastd_bind_address_t *next = conf->bind_addrs->next; - free(conf->bind_addrs->bindtodev); - free(conf->bind_addrs); - conf->bind_addrs = next; + while (conf.bind_addrs) { + fastd_bind_address_t *next = conf.bind_addrs->next; + free(conf.bind_addrs->bindtodev); + free(conf.bind_addrs); + conf.bind_addrs = next; } - free_peer_group(conf->peer_group); - - destroy_methods(conf); - fastd_string_stack_free(conf->method_list); - - fastd_mac_config_free(conf->macs); - fastd_cipher_config_free(conf->ciphers); - - 
fastd_shell_command_unset(&conf->on_pre_up); - fastd_shell_command_unset(&conf->on_up); - fastd_shell_command_unset(&conf->on_down); - fastd_shell_command_unset(&conf->on_post_down); - fastd_shell_command_unset(&conf->on_connect); - fastd_shell_command_unset(&conf->on_establish); - fastd_shell_command_unset(&conf->on_disestablish); - fastd_shell_command_unset(&conf->on_verify); - - free(conf->user); - free(conf->group); - free(conf->groups); - free(conf->ifname); - free(conf->secret); - free(conf->protocol_config); - free(conf->log_syslog_ident); + free_peer_group(conf.peer_group); + + destroy_methods(); + fastd_string_stack_free(conf.method_list); + + fastd_mac_config_free(conf.macs); + fastd_cipher_config_free(conf.ciphers); + + fastd_shell_command_unset(&conf.on_pre_up); + fastd_shell_command_unset(&conf.on_up); + fastd_shell_command_unset(&conf.on_down); + fastd_shell_command_unset(&conf.on_post_down); + fastd_shell_command_unset(&conf.on_connect); + fastd_shell_command_unset(&conf.on_establish); + fastd_shell_command_unset(&conf.on_disestablish); + fastd_shell_command_unset(&conf.on_verify); + + free(conf.user); + free(conf.group); + free(conf.groups); + free(conf.ifname); + free(conf.secret); + free(conf.protocol_config); + free(conf.log_syslog_ident); } |
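Review bot: `free(conf.secret);` in fastd_config_release returns the buffer to the allocator with its contents intact. If this field holds the configured secret key (the name suggests so, its type is not visible here), the key material stays readable in freed heap memory and in any core dump. Wiping it first, e.g. `if (conf.secret) explicit_bzero(conf.secret, strlen(conf.secret));` assuming a NUL-terminated string, avoids that; a plain `memset` directly before `free` may be optimised away.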