2 protocol.c -- handle the meta-protocol, basic functions
3 Copyright (C) 1999-2005 Ivo Timmermans,
4 2000-2022 Guus Sliepen <guus@tinc-vpn.org>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License along
17 with this program; if not, write to the Free Software Foundation, Inc.,
18 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 #include "connection.h"
32 bool tunnelserver = false;
33 bool strictsubnets = false;
34 bool experimental = true;
36 /* Jumptable for the request handlers */
38 static bool (*request_handlers[])(connection_t *, const char *) = {
39 id_h, metakey_h, challenge_h, chal_reply_h, ack_h,
40 NULL, NULL, termreq_h,
42 add_subnet_h, del_subnet_h,
43 add_edge_h, del_edge_h,
44 key_changed_h, req_key_h, ans_key_h, tcppacket_h, control_h,
45 NULL, NULL, /* Not "real" requests (yet) */
47 udp_info_h, mtu_info_h,
52 static const char (*request_name[]) = {
53 "ID", "METAKEY", "CHALLENGE", "CHAL_REPLY", "ACK",
54 "STATUS", "ERROR", "TERMREQ",
56 "ADD_SUBNET", "DEL_SUBNET",
57 "ADD_EDGE", "DEL_EDGE", "KEY_CHANGED", "REQ_KEY", "ANS_KEY", "PACKET", "CONTROL",
58 "REQ_PUBKEY", "ANS_PUBKEY", "SPTPS_PACKET", "UDP_INFO", "MTU_INFO",
61 static int past_request_compare(const past_request_t *a, const past_request_t *b) {
62 return strcmp(a->request, b->request);
65 static void free_past_request(past_request_t *r) {
66 free((char *)r->request);
70 static splay_tree_t past_request_tree = {
71 .compare = (splay_compare_t) past_request_compare,
72 .delete = (splay_action_t) free_past_request,
75 /* Generic request routines - takes care of logging and error
78 bool send_request(connection_t *c, const char *format, ...) {
80 char request[MAXBUFSIZE];
83 /* Use vsnprintf instead of vxasprintf: faster, no memory
84 fragmentation, cleanup is automatic, and there is a limit on the
85 input buffer anyway */
87 va_start(args, format);
88 len = vsnprintf(request, sizeof(request), format, args);
89 request[sizeof(request) - 1] = 0;
92 if(len < 0 || (size_t)len > sizeof(request) - 1) {
93 logger(DEBUG_ALWAYS, LOG_ERR, "Output buffer overflow while sending request to %s (%s)",
94 c->name, c->hostname);
98 int id = atoi(request);
99 logger(DEBUG_META, LOG_DEBUG, "Sending %s to %s (%s): %s", request_name[id], c->name, c->hostname, request);
101 request[len++] = '\n';
104 broadcast_meta(NULL, request, len);
108 return send_meta(c, request, len);
110 send_meta_raw(c, request, len);
116 void forward_request(connection_t *from, const char *request) {
117 logger(DEBUG_META, LOG_DEBUG, "Forwarding %s from %s (%s): %s", request_name[atoi(request)], from->name, from->hostname, request);
119 // Create a temporary newline-terminated copy of the request
120 size_t len = strlen(request);
121 const size_t tmplen = len + 1;
122 char *tmp = alloca(tmplen);
123 memcpy(tmp, request, len);
125 broadcast_meta(from, tmp, tmplen);
128 bool receive_request(connection_t *c, const char *request) {
129 if(c->outgoing && proxytype == PROXY_HTTP && c->allow_request == ID) {
130 if(!request[0] || request[0] == '\r') {
134 if(!strncasecmp(request, "HTTP/1.1 ", 9)) {
135 if(!strncmp(request + 9, "200", 3)) {
136 logger(DEBUG_CONNECTIONS, LOG_DEBUG, "Proxy request granted");
139 logger(DEBUG_ALWAYS, LOG_DEBUG, "Proxy request rejected: %s", request + 9);
145 int reqno = atoi(request);
147 if(reqno || *request == '0') {
148 if((reqno < 0) || (reqno >= LAST) || !request_handlers[reqno]) {
149 logger(DEBUG_META, LOG_DEBUG, "Unknown request from %s (%s): %s", c->name, c->hostname, request);
152 logger(DEBUG_META, LOG_DEBUG, "Got %s from %s (%s): %s", request_name[reqno], c->name, c->hostname, request);
155 if((c->allow_request != ALL) && (c->allow_request != reqno)) {
156 logger(DEBUG_ALWAYS, LOG_ERR, "Unauthorized request from %s (%s)", c->name, c->hostname);
160 if(!request_handlers[reqno](c, request)) {
161 /* Something went wrong. Probably scriptkiddies. Terminate. */
163 if(reqno != TERMREQ) {
164 logger(DEBUG_ALWAYS, LOG_ERR, "Error while processing %s from %s (%s)", request_name[reqno], c->name, c->hostname);
170 logger(DEBUG_ALWAYS, LOG_ERR, "Bogus data received from %s (%s)", c->name, c->hostname);
177 static timeout_t past_request_timeout;
179 static void age_past_requests(void *data) {
181 int left = 0, deleted = 0;
183 for splay_each(past_request_t, p, &past_request_tree) {
184 if(p->firstseen + pinginterval <= now.tv_sec) {
185 splay_delete_node(&past_request_tree, node), deleted++;
191 if(left || deleted) {
192 logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Aging past requests: deleted %d, left %d", deleted, left);
196 timeout_set(&past_request_timeout, &(struct timeval) {
201 bool seen_request(const char *request) {
202 past_request_t *new, p = {0};
206 if(splay_search(&past_request_tree, &p)) {
207 logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Already seen request");
210 new = xmalloc(sizeof(*new));
211 new->request = xstrdup(request);
212 new->firstseen = now.tv_sec;
213 splay_insert(&past_request_tree, new);
214 timeout_add(&past_request_timeout, age_past_requests, NULL, &(struct timeval) {
221 void exit_requests(void) {
222 splay_empty_tree(&past_request_tree);
224 timeout_del(&past_request_timeout);