X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=tun.c;h=dcfd62392d825994665a787a88f3afe588230d3c;hp=cfd5a57ab4e3c33be3dbe64bb1e98c95c84ef3e7;hb=2694a33edb14ea5abf5637e4a88a5aeff2e77453;hpb=389070fed67552c613ce5afd3cdb436f8f8c538f diff --git a/tun.c b/tun.c index cfd5a57..dcfd623 100644 --- a/tun.c +++ b/tun.c @@ -3,6 +3,7 @@ #include "netlink.h" #include #include +#include #include #include #include @@ -80,7 +81,6 @@ struct tun { struct buffer_if *buff; /* We receive packets into here and send them to the netlink code. */ netlink_deliver_fn *netlink_to_tunnel; - uint32_t local_address; /* host interface address */ }; static cstring_t tun_flavour_str(uint32_t flavour) @@ -95,8 +95,7 @@ static cstring_t tun_flavour_str(uint32_t flavour) } static int tun_beforepoll(void *sst, struct pollfd *fds, int *nfds_io, - int *timeout_io, const struct timeval *tv_now, - uint64_t *now) + int *timeout_io) { struct tun *st=sst; *nfds_io=1; @@ -105,8 +104,7 @@ static int tun_beforepoll(void *sst, struct pollfd *fds, int *nfds_io, return 0; } -static void tun_afterpoll(void *sst, struct pollfd *fds, int nfds, - const struct timeval *tv_now, uint64_t *now) +static void tun_afterpoll(void *sst, struct pollfd *fds, int nfds) { struct tun *st=sst; int l; @@ -117,8 +115,8 @@ static void tun_afterpoll(void *sst, struct pollfd *fds, int nfds, } if (fds[0].revents&POLLIN) { BUF_ALLOC(st->buff,"tun_afterpoll"); - buffer_init(st->buff,st->nl.max_start_pad); - l=read(st->fd,st->buff->start,st->buff->len-st->nl.max_start_pad); + buffer_init(st->buff,calculate_max_start_pad()); + l=read(st->fd,st->buff->start,st->buff->len-calculate_max_start_pad()); if (l<0) { fatal_perror("tun_afterpoll: read()"); } 
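Review bot: In the last hunk on this line (tun_afterpoll, the POLLIN branch), the read length `st->buff->len-calculate_max_start_pad()` is computed without checking that the buffer is larger than the pad. The types of `len` and of the helper's result are not visible here, but if the buffer were ever configured smaller than the pad, the difference would go negative or wrap before being converted to read()'s size_t count. I would call the helper once, e.g. `pad=calculate_max_start_pad();`, use `pad` in both buffer_init() and read(), and reject `st->buff->len<=pad` before the read. That makes the bound explicit and keeps the two uses from drifting apart. tun_afterpoll's body continues outside the hunk.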
@@ -136,11 +134,27 @@ static void tun_afterpoll(void *sst, struct pollfd *fds, int nfds, static void tun_deliver_to_kernel(void *sst, struct buffer_if *buf) { struct tun *st=sst; + ssize_t rc; BUF_ASSERT_USED(buf); - /* No error checking, because we'd just throw the packet away - anyway if it didn't work. */ - write(st->fd,buf->start,buf->size); + + /* Log errors, so we can tell what's going on, but only once a + minute, so we don't flood the logs. Short writes count as + errors. */ + rc = write(st->fd,buf->start,buf->size); + if(rc != buf->size) { + static struct timeval last_report; + if(tv_now_global.tv_sec >= last_report.tv_sec + 60) { + if(rc < 0) + Message(M_WARNING, + "failed to deliver packet to tun device: %s\n", + strerror(errno)); + else + Message(M_WARNING, + "truncated packet delivered to tun device\n"); + last_report = tv_now_global; + } + } BUF_FREE(buf); } @@ -149,10 +163,16 @@ static bool_t tun_set_route(void *sst, struct netlink_client *routes) struct tun *st=sst; string_t network, mask, secnetaddr; struct subnet_list *nets; - uint32_t i; + int32_t i; int fd=-1; + bool_t up; - if (routes->up == routes->kup) return False; + if (routes->options & OPT_SOFTROUTE) + up = routes->up; + else + up = routes->link_quality > LINK_QUALITY_UNUSED; + + if (up == routes->kup) return False; if (st->route_type==TUN_CONFIG_IOCTL) { if (st->tun_flavour==TUN_FLAVOUR_STREAMS) { fd=open(st->ip_path,O_RDWR); 
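Review bot: The rate limiter in tun_deliver_to_kernel keeps `last_report` as a function-level `static`, and neither warning names the interface. If more than one tun instance exists, a failing device can therefore mute reports from another for a minute, and the log does not say which device dropped the packet. I would move the timestamp into `struct tun` and prefix the messages the way the route messages in this file already do, e.g. `"%s: failed to deliver packet to tun device: %s\n", st->nl.name, strerror(errno)`. Counting the failures suppressed during the quiet minute and printing that count with the next report would also help anyone using the log to judge packet loss. The type of `buf->size` is not visible in this hunk; if it is unsigned, `rc != buf->size` compares a signed `ssize_t` with it and deserves an explicit cast.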
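Review bot: The new `up` computation at the top of tun_set_route has no comment explaining why the kernel route follows `routes->up` only under `OPT_SOFTROUTE` and otherwise follows `routes->link_quality > LINK_QUALITY_UNUSED`. Something like `/* soft routes follow tunnel state; otherwise keep the kernel route while the link is in use at all */` above the `if` would do. If the intent of the non-soft case is that packets for these networks never fall back to some other kernel route while the tunnel is down, the comment should say so, because that is the property operators rely on when choosing the option. The function body continues outside this hunk.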
@@ -172,20 +192,20 @@ static bool_t tun_set_route(void *sst, struct netlink_client *routes) network=ipaddr_to_string(nets->list[i].prefix); mask=ipaddr_to_string(nets->list[i].mask); Message(M_INFO,"%s: %s route %s/%d %s kernel routing table\n", - st->nl.name,routes->up?"adding":"deleting",network, - nets->list[i].len,routes->up?"to":"from"); + st->nl.name,up?"adding":"deleting",network, + nets->list[i].len,up?"to":"from"); switch (st->route_type) { case TUN_CONFIG_LINUX: - sys_cmd(st->route_path,"route",routes->up?"add":"del", + sys_cmd(st->route_path,"route",up?"add":"del", "-net",network,"netmask",mask, "gw",secnetaddr,(char *)0); break; case TUN_CONFIG_BSD: - sys_cmd(st->route_path,"route",routes->up?"add":"del", + sys_cmd(st->route_path,"route",up?"add":"del", "-net",network,secnetaddr,mask,(char *)0); break; case TUN_CONFIG_SOLARIS25: - sys_cmd(st->route_path,"route",routes->up?"add":"del", + sys_cmd(st->route_path,"route",up?"add":"del", network,secnetaddr,(char *)0); break; case TUN_CONFIG_IOCTL: @@ -196,7 +216,7 @@ static bool_t tun_set_route(void *sst, struct netlink_client *routes) struct sockaddr_in *sa; int action; - memset(&rt,0,sizeof(rt)); + FILLZERO(rt); sa=(struct sockaddr_in *)&rt.rt_dst; sa->sin_family=AF_INET; sa->sin_addr.s_addr=htonl(nets->list[i].prefix); @@ -207,7 +227,7 @@ static bool_t tun_set_route(void *sst, struct netlink_client *routes) sa->sin_family=AF_INET; sa->sin_addr.s_addr=htonl(st->nl.secnet_address); rt.rt_flags=RTF_UP|RTF_GATEWAY; - action=routes->up?SIOCADDRT:SIOCDELRT; + action=up?SIOCADDRT:SIOCDELRT; if (ioctl(fd,action,&rt)<0) { fatal_perror("tun_set_route: ioctl()"); } @@ -226,7 +246,7 @@ static bool_t tun_set_route(void *sst, struct netlink_client *routes) if (st->route_type==TUN_CONFIG_IOCTL) { close(fd); } - routes->kup=routes->up; + routes->kup=up; return True; } 
@@ -234,7 +254,7 @@ static void tun_phase_hook(void *sst, uint32_t newphase) { struct tun *st=sst; string_t hostaddr,secnetaddr; - uint8_t mtu[6]; + char mtu[6]; struct netlink_client *r; if (st->tun_flavour==TUN_FLAVOUR_BSD) { @@ -277,7 +297,7 @@ static void tun_phase_hook(void *sst, uint32_t newphase) fatal_perror("%s: can't open device file %s",st->nl.name, st->device_path); } - memset(&ifr,0,sizeof(ifr)); + FILLZERO(ifr); ifr.ifr_flags = IFF_TUN | IFF_NO_PI; /* Just send/receive IP packets, no extra headers */ if (st->interface_name) @@ -332,9 +352,9 @@ static void tun_phase_hook(void *sst, uint32_t newphase) to set the TUN device's address, and route to add routes to all our networks. */ - hostaddr=ipaddr_to_string(st->local_address); + hostaddr=ipaddr_to_string(st->nl.local_address); secnetaddr=ipaddr_to_string(st->nl.secnet_address); - snprintf(mtu,6,"%d",st->nl.mtu); + snprintf(mtu,sizeof(mtu),"%d",st->nl.mtu); mtu[5]=0; switch (st->ifconfig_type) { @@ -364,9 +384,9 @@ static void tun_phase_hook(void *sst, uint32_t newphase) /* Interface address */ strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); sa=(struct sockaddr_in *)&ifr.ifr_addr; - memset(sa,0,sizeof(*sa)); + FILLZERO(*sa); sa->sin_family=AF_INET; - sa->sin_addr.s_addr=htonl(st->local_address); + sa->sin_addr.s_addr=htonl(st->nl.local_address); if (ioctl(fd,SIOCSIFADDR, &ifr)!=0) { fatal_perror("tun_apply: SIOCSIFADDR"); } @@ -374,7 +394,7 @@ static void tun_phase_hook(void *sst, uint32_t newphase) /* Netmask */ strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); sa=(struct sockaddr_in *)&ifr.ifr_netmask; - memset(sa,0,sizeof(*sa)); + FILLZERO(*sa); sa->sin_family=AF_INET; sa->sin_addr.s_addr=htonl(0xffffffff); if (ioctl(fd,SIOCSIFNETMASK, &ifr)!=0) { 
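Review bot: The `snprintf(mtu,sizeof(mtu),"%d",st->nl.mtu)` call in the `@@ -332,9 +352,9 @@` hunk ignores its return value, so an `st->nl.mtu` that formats to more than five characters is silently truncated. The shortened number is then what the later code (outside this hunk) passes on as the MTU. Testing the result, `if (snprintf(mtu,sizeof(mtu),"%d",st->nl.mtu) >= (int)sizeof(mtu))`, and treating that as a configuration error would reject the value instead of applying a different one. The following `mtu[5]=0;` is redundant after snprintf and hard-codes the index that `sizeof(mtu)` was just introduced to avoid; drop it or write `mtu[sizeof(mtu)-1]=0;`.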
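Review bot: The `strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ)` line that this commit leaves unchanged next to each `FILLZERO(*sa)` leaves `ifr_name` without a terminating NUL when the configured name is IFNAMSIZ bytes or longer. It appears in the `@@ -364,9 +384,9 @@` hunk and again in the `-374` and `-384` hunks. Since these blocks are being touched anyway, I would bound the copy and terminate explicitly, `strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ-1); ifr.ifr_name[IFNAMSIZ-1]=0;`, or reject an over-long `interface_name` once when the configuration is read. Where `interface_name` is validated is not visible in these hunks, so this may already be covered elsewhere; if so, a one-line comment saying that would be enough.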
@@ -384,7 +404,7 @@ static void tun_phase_hook(void *sst, uint32_t newphase) /* Destination address (point-to-point) */ strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); sa=(struct sockaddr_in *)&ifr.ifr_dstaddr; - memset(sa,0,sizeof(*sa)); + FILLZERO(*sa); sa->sin_family=AF_INET; sa->sin_addr.s_addr=htonl(st->nl.secnet_address); if (ioctl(fd,SIOCSIFDSTADDR, &ifr)!=0) { @@ -470,8 +490,6 @@ static list_t *tun_create(closure_t *self, struct cloc loc, dict_t *context, st->route_path=dict_read_string(dict,"route-path",False,"tun-netlink",loc); st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"tun-netlink",loc); - st->local_address=string_item_to_ipaddr( - dict_find_item(dict,"local-address", True, "netlink", loc),"netlink"); if (st->tun_flavour==TUN_FLAVOUR_GUESS) { /* If we haven't been told what type of TUN we're using, take @@ -481,10 +499,7 @@ static list_t *tun_create(closure_t *self, struct cloc loc, dict_t *context, fatal_perror("tun_create: uname"); } if (strcmp(u.sysname,"Linux")==0) { - if (u.release[0]=='2' && u.release[1]=='.' && u.release[3]=='.') { - if (u.release[2]=='2') st->tun_flavour=TUN_FLAVOUR_BSD; - else if (u.release[2]=='4') st->tun_flavour=TUN_FLAVOUR_LINUX; - } + st->tun_flavour=TUN_FLAVOUR_LINUX; } else if (strcmp(u.sysname,"SunOS")==0) { st->tun_flavour=TUN_FLAVOUR_STREAMS; } else if (strcmp(u.sysname,"FreeBSD")==0