[PATCH 7/7] Multiple udp ports for the same site (multiple "comm"s)

Ian Jackson ijackson at chiark.greenend.org.uk
Thu Jul 14 01:22:42 BST 2011


Now you can meaningfully specify more than one comm closure (ie, more
than one udp port) for a site.  secnet will respond to incoming key
exchange and data packets on any of the ports.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
 README |    5 ++++-
 site.c |   39 +++++++++++++++++++++++++++++++++------
 2 files changed, 37 insertions(+), 7 deletions(-)

diff --git a/README b/README
index 2d04b01..16fa18f 100644
--- a/README
+++ b/README
@@ -270,7 +270,10 @@ site: dict argument
   local-name (string): this site's name for itself
   name (string): the name of the site's peer
   link (netlink closure)
-  comm (comm closure)
+  comm (one or more comm closures): if there is more than one, the
+   first one will be used for any key setups initiated by us using the
+   configured address.  Others are only used if our peer talks to
+   them.
   resolver (resolver closure)
   random (randomsrc closure)
   local-key (rsaprivkey closure)
diff --git a/site.c b/site.c
index 1e46416..ed0977c 100644
--- a/site.c
+++ b/site.c
@@ -215,7 +215,8 @@ struct site {
     string_t address; /* DNS name for bootstrapping, optional */
     int remoteport; /* Port for bootstrapping, optional */
     struct netlink_if *netlink;
-    struct comm_if *comm;
+    struct comm_if **comms;
+    int ncomms;
     struct resolver_if *resolver;
     struct log_if *log;
     struct random_if *random;
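Review bot: The new `comms`/`ncomms` fields carry an invariant that is not written down anywhere in the struct. `site_resolve_callback` in this same patch reads `st->comms[0]` without a check, so `ncomms` must always be at least 1, and element 0 is the comm used for key setups we initiate. A field comment would record that for later callers, e.g. `/* comms[0..ncomms-1], ncomms>=1; comms[0] is used for key setups we initiate */`. The struct definition starts and ends outside this hunk.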
@@ -790,7 +791,7 @@ static void site_resolve_callback(void *sst, struct in_addr *address)
     }
     if (address) {
 	FILLZERO(ca_buf);
-	ca_buf.comm=st->comm;
+	ca_buf.comm=st->comms[0];
 	ca_buf.sin.sin_family=AF_INET;
 	ca_buf.sin.sin_port=htons(st->remoteport);
 	ca_buf.sin.sin_addr=*address;
@@ -1278,6 +1279,7 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     struct site *st;
     item_t *item;
     dict_t *dict;
+    int i;
 
     st=safe_malloc(sizeof(*st),"site_apply");
 
@@ -1310,7 +1312,20 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->index = ++index_sequence;
     st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
     st->netlink=find_cl_if(dict,"link",CL_NETLINK,True,"site",loc);
-    st->comm=find_cl_if(dict,"comm",CL_COMM,True,"site",loc);
+
+    list_t *comms_cfg=dict_lookup(dict,"comm");
+    if (!comms_cfg) cfgfatal(loc,"site","closure list \"comm\" not found");
+    st->ncomms=list_length(comms_cfg);
+    st->comms=safe_malloc_ary(sizeof(*st->comms),st->ncomms,"comms");
+    assert(st->ncomms);
+    for (i=0; i<st->ncomms; i++) {
+	item_t *item=list_elem(comms_cfg,i);
+	if (item->type!=t_closure) cfgfatal(loc,"site","comm is not a closure");
+	closure_t *cl=item->data.closure;
+	if (cl->type!=CL_COMM) cfgfatal(loc,"site","comm closure wrong type");
+	st->comms[i]=cl->interface;
+    }
+
     st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
     st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
     st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
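Review bot: An empty `comm` list is caught only by `assert(st->ncomms)`, which runs after `safe_malloc_ary` has already been called with a count of zero and vanishes in an NDEBUG build. Because `st->comms[0]` is later dereferenced unconditionally, this is better reported as a configuration error before the allocation, e.g. `if (st->ncomms<1) cfgfatal(loc,"site","closure list \"comm\" is empty");`. The loop-local `item_t *item` also shadows the `item` declared at the top of `site_apply`; a distinct name such as `comm_item` would avoid confusion with later uses of the outer variable. `site_apply` starts and ends outside this hunk.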
@@ -1392,13 +1407,25 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->dhsecret=safe_malloc(st->dh->len,"site:dhsecret");
     st->sharedsecret=safe_malloc(st->transform->keylen,"site:sharedsecret");
 
+    /* We need to compute some properties of our comms */
+#define COMPUTE_WORST(pad)			\
+    int worst_##pad=0;				\
+    for (i=0; i<st->ncomms; i++) {		\
+	int thispad=st->comms[i]->pad;		\
+	if (thispad > worst_##pad)		\
+	    worst_##pad=thispad;		\
+    }
+    COMPUTE_WORST(min_start_pad)
+    COMPUTE_WORST(min_end_pad)
+
     /* We need to register the remote networks with the netlink device */
     st->netlink->reg(st->netlink->st, site_outgoing, st,
 		     st->transform->max_start_pad+(4*4)+
-		     st->comm->min_start_pad,
-		     st->transform->max_end_pad+st->comm->min_end_pad);
+		     worst_min_start_pad,
+		     st->transform->max_end_pad+worst_min_end_pad);
     
-    st->comm->request_notify(st->comm->st, st, site_incoming);
+    for (i=0; i<st->ncomms; i++)
+	st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
 
     st->current_transform=st->transform->create(st->transform->st);
     st->new_transform=st->transform->create(st->transform->st);
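Review bot: `COMPUTE_WORST` is defined in the middle of `site_apply` and never undefined, so it stays visible for the rest of site.c. It also depends silently on the caller's `i` and `st`, and it injects a `worst_*` declaration after statements. Adding `#undef COMPUTE_WORST` directly after the two uses keeps it local, and a one-line comment that the worst case is taken because any of the comms may carry the packet would explain why a maximum is needed. Separately, the `request_notify` loop registers the site once per list entry; if the same comm closure can be listed twice (not determinable from this hunk), it would presumably be registered twice, so a duplicate check in the parsing loop may be worth adding. `site_apply` continues outside this hunk.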
-- 
1.5.6.5



