mirror of
https://github.com/ntop/n2n.git
synced 2024-09-20 00:51:10 +02:00
parent
23a9c871f8
commit
aa1f4311f9
|
@ -345,7 +345,7 @@ typedef struct n2n_PACKET {
|
||||||
typedef struct n2n_REGISTER_SUPER {
|
typedef struct n2n_REGISTER_SUPER {
|
||||||
n2n_cookie_t cookie; /**< Link REGISTER_SUPER and REGISTER_SUPER_ACK */
|
n2n_cookie_t cookie; /**< Link REGISTER_SUPER and REGISTER_SUPER_ACK */
|
||||||
n2n_mac_t edgeMac; /**< MAC to register with edge sending socket */
|
n2n_mac_t edgeMac; /**< MAC to register with edge sending socket */
|
||||||
n2n_sock_t sock; /**< Sending socket associated with srcMac */
|
n2n_sock_t sock; /**< Sending socket associated with edgeMac */
|
||||||
n2n_ip_subnet_t dev_addr; /**< IP address of the tuntap adapter. */
|
n2n_ip_subnet_t dev_addr; /**< IP address of the tuntap adapter. */
|
||||||
n2n_desc_t dev_desc; /**< Hint description correlated with the edge */
|
n2n_desc_t dev_desc; /**< Hint description correlated with the edge */
|
||||||
n2n_auth_t auth; /**< Authentication scheme and tokens */
|
n2n_auth_t auth; /**< Authentication scheme and tokens */
|
||||||
|
@ -355,10 +355,10 @@ typedef struct n2n_REGISTER_SUPER {
|
||||||
/* Linked with n2n_register_super_ack in n2n_pc_t. Only from supernode to edge. */
|
/* Linked with n2n_register_super_ack in n2n_pc_t. Only from supernode to edge. */
|
||||||
typedef struct n2n_REGISTER_SUPER_ACK {
|
typedef struct n2n_REGISTER_SUPER_ACK {
|
||||||
n2n_cookie_t cookie; /**< Return cookie from REGISTER_SUPER */
|
n2n_cookie_t cookie; /**< Return cookie from REGISTER_SUPER */
|
||||||
n2n_mac_t edgeMac; /**< MAC registered to edge sending socket */
|
n2n_mac_t srcMac; /**< MAC of answering supernode */
|
||||||
n2n_ip_subnet_t dev_addr; /**< Assign an IP address to the tuntap adapter of edge. */
|
n2n_ip_subnet_t dev_addr; /**< Assign an IP address to the tuntap adapter of edge. */
|
||||||
uint16_t lifetime; /**< How long the registration will live */
|
uint16_t lifetime; /**< How long the registration will live */
|
||||||
n2n_sock_t sock; /**< Sending sockets associated with edgeMac */
|
n2n_sock_t sock; /**< Sending sockets associated with edge */
|
||||||
n2n_auth_t auth; /**< Authentication scheme and tokens */
|
n2n_auth_t auth; /**< Authentication scheme and tokens */
|
||||||
|
|
||||||
/** The packet format provides additional supernode definitions here.
|
/** The packet format provides additional supernode definitions here.
|
||||||
|
@ -366,8 +366,7 @@ typedef struct n2n_REGISTER_SUPER_ACK {
|
||||||
* n2n_sock_t.
|
* n2n_sock_t.
|
||||||
*/
|
*/
|
||||||
uint8_t num_sn; /**< Number of supernodes that were send
|
uint8_t num_sn; /**< Number of supernodes that were send
|
||||||
* even if we cannot store them all. If
|
* even if we cannot store them all. */
|
||||||
* non-zero then sn_bak is valid. */
|
|
||||||
} n2n_REGISTER_SUPER_ACK_t;
|
} n2n_REGISTER_SUPER_ACK_t;
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -2364,7 +2364,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
|
||||||
decode_REGISTER_SUPER_ACK(&ra, &cmn, udp_buf, &rem, &idx, tmpbuf);
|
decode_REGISTER_SUPER_ACK(&ra, &cmn, udp_buf, &rem, &idx, tmpbuf);
|
||||||
|
|
||||||
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
|
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
|
||||||
if(!find_peer_time_stamp_and_verify (eee, sn, null_mac, stamp, TIME_STAMP_NO_JITTER)) {
|
if(!find_peer_time_stamp_and_verify(eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
|
||||||
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_SUPER_ACK due to time stamp error.");
|
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_SUPER_ACK due to time stamp error.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -2373,22 +2373,20 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
|
||||||
if(is_valid_peer_sock(&ra.sock))
|
if(is_valid_peer_sock(&ra.sock))
|
||||||
orig_sender = &(ra.sock);
|
orig_sender = &(ra.sock);
|
||||||
|
|
||||||
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK myMAC=%s [%s] (external %s). Attempts %u",
|
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from MAC %s [%s] (external %s). Attempts %u",
|
||||||
macaddr_str(mac_buf1, ra.edgeMac),
|
macaddr_str(mac_buf1, ra.srcMac),
|
||||||
sock_to_cstr(sockbuf1, &sender),
|
sock_to_cstr(sockbuf1, &sender),
|
||||||
sock_to_cstr(sockbuf2, orig_sender),
|
sock_to_cstr(sockbuf2, orig_sender),
|
||||||
(unsigned int)eee->sup_attempts);
|
(unsigned int)eee->sup_attempts);
|
||||||
|
|
||||||
// this even holds true for auto ip assignment as own mac is null_mac
|
|
||||||
if(memcmp(ra.edgeMac, eee->device.mac_addr, N2N_MAC_SIZE)) {
|
|
||||||
traceEvent(TRACE_INFO, "readFromIPSocket dropped REGISTER_SUPER_ACK due to wrong addressing.");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(0 == memcmp(ra.cookie, eee->curr_sn->last_cookie, N2N_COOKIE_SIZE)) {
|
if(0 == memcmp(ra.cookie, eee->curr_sn->last_cookie, N2N_COOKIE_SIZE)) {
|
||||||
|
|
||||||
handle_remote_auth(eee, sn, &(ra.auth));
|
handle_remote_auth(eee, sn, &(ra.auth));
|
||||||
|
|
||||||
|
HASH_DEL(eee->conf.supernodes, eee->curr_sn);
|
||||||
|
memcpy(&eee->curr_sn->mac_addr, ra.srcMac, N2N_MAC_SIZE);
|
||||||
|
HASH_ADD_PEER(eee->conf.supernodes, eee->curr_sn);
|
||||||
|
|
||||||
payload = (n2n_REGISTER_SUPER_ACK_payload_t*)tmpbuf;
|
payload = (n2n_REGISTER_SUPER_ACK_payload_t*)tmpbuf;
|
||||||
|
|
||||||
// from here on, 'sn' gets used differently
|
// from here on, 'sn' gets used differently
|
||||||
|
@ -2427,9 +2425,9 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// update last_sup only on 'real' REGISTER_SUPER_ACKs, not on bootstrap ones (null_mac)
|
// update last_sup only on 'real' REGISTER_SUPER_ACKs, not on bootstrap ones (own MAC address
|
||||||
// this allows reliable in/out PACKET drop if not really registered with a supernode yet
|
// still null_mac) this allows reliable in/out PACKET drop if not really registered with a supernode yet
|
||||||
if(!is_null_mac(ra.edgeMac)) {
|
if(!is_null_mac(eee->device.mac_addr)) {
|
||||||
if(!eee->last_sup) {
|
if(!eee->last_sup) {
|
||||||
// indicates successful connection between the edge and a supernode
|
// indicates successful connection between the edge and a supernode
|
||||||
traceEvent(TRACE_NORMAL, "[OK] Edge Peer <<< ================ >>> Super Node");
|
traceEvent(TRACE_NORMAL, "[OK] Edge Peer <<< ================ >>> Super Node");
|
||||||
|
@ -2446,7 +2444,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
|
||||||
* based on its NAT configuration. */
|
* based on its NAT configuration. */
|
||||||
//eee->conf.register_interval = ra.lifetime;
|
//eee->conf.register_interval = ra.lifetime;
|
||||||
|
|
||||||
if(eee->cb.sn_registration_updated && !is_null_mac(ra.edgeMac))
|
if(eee->cb.sn_registration_updated && !is_null_mac(eee->device.mac_addr))
|
||||||
eee->cb.sn_registration_updated(eee, now, &sender);
|
eee->cb.sn_registration_updated(eee, now, &sender);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
@ -2751,7 +2749,6 @@ int run_edge_loop (n2n_edge_t *eee, int *keep_running) {
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef SKIP_MULTICAST_PEERS_DISCOVERY
|
#ifndef SKIP_MULTICAST_PEERS_DISCOVERY
|
||||||
|
|
||||||
if(FD_ISSET(eee->udp_multicast_sock, &socket_mask)) {
|
if(FD_ISSET(eee->udp_multicast_sock, &socket_mask)) {
|
||||||
if (0 != fetch_and_eventually_process_data (eee, eee->udp_multicast_sock,
|
if (0 != fetch_and_eventually_process_data (eee, eee->udp_multicast_sock,
|
||||||
pktbuf, &expected, &position,
|
pktbuf, &expected, &position,
|
||||||
|
|
|
@ -896,6 +896,7 @@ static int re_register_and_purge_supernodes (n2n_sn_t *sss, struct sn_community
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(reg.cookie, cookie, N2N_COOKIE_SIZE);
|
memcpy(reg.cookie, cookie, N2N_COOKIE_SIZE);
|
||||||
|
memcpy(peer->last_cookie, cookie, N2N_COOKIE_SIZE);
|
||||||
reg.dev_addr.net_addr = ntohl(peer->dev_addr.net_addr);
|
reg.dev_addr.net_addr = ntohl(peer->dev_addr.net_addr);
|
||||||
reg.dev_addr.net_bitlen = mask2bitlen(ntohl(peer->dev_addr.net_bitlen));
|
reg.dev_addr.net_bitlen = mask2bitlen(ntohl(peer->dev_addr.net_bitlen));
|
||||||
get_local_auth(sss, &(reg.auth));
|
get_local_auth(sss, &(reg.auth));
|
||||||
|
@ -1519,12 +1520,7 @@ static int process_udp (n2n_sn_t * sss,
|
||||||
memcpy(cmn2.community, cmn.community, sizeof(n2n_community_t));
|
memcpy(cmn2.community, cmn.community, sizeof(n2n_community_t));
|
||||||
|
|
||||||
memcpy(&(ack.cookie), &(reg.cookie), sizeof(n2n_cookie_t));
|
memcpy(&(ack.cookie), &(reg.cookie), sizeof(n2n_cookie_t));
|
||||||
|
memcpy(ack.srcMac, sss->mac_addr, sizeof(n2n_mac_t));
|
||||||
if(comm->is_federation == IS_FEDERATION) {
|
|
||||||
memcpy(ack.edgeMac, sss->mac_addr, sizeof(n2n_mac_t));
|
|
||||||
} else {
|
|
||||||
memcpy(ack.edgeMac, reg.edgeMac, sizeof(n2n_mac_t));
|
|
||||||
}
|
|
||||||
|
|
||||||
if((reg.dev_addr.net_addr == 0) || (reg.dev_addr.net_addr == 0xFFFFFFFF) || (reg.dev_addr.net_bitlen == 0) ||
|
if((reg.dev_addr.net_addr == 0) || (reg.dev_addr.net_addr == 0xFFFFFFFF) || (reg.dev_addr.net_bitlen == 0) ||
|
||||||
((reg.dev_addr.net_addr & 0xFFFF0000) == 0xA9FE0000 /* 169.254.0.0 */)) {
|
((reg.dev_addr.net_addr & 0xFFFF0000) == 0xA9FE0000 /* 169.254.0.0 */)) {
|
||||||
|
@ -1747,21 +1743,21 @@ static int process_udp (n2n_sn_t * sss,
|
||||||
|
|
||||||
if(comm) {
|
if(comm) {
|
||||||
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
|
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
|
||||||
if(!find_edge_time_stamp_and_verify (comm->edges, sn, ack.edgeMac, stamp, TIME_STAMP_NO_JITTER)) {
|
if(!find_edge_time_stamp_and_verify(comm->edges, sn, ack.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
|
||||||
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK due to time stamp error.");
|
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK due to time stamp error.");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK myMAC=%s [%s] (external %s)",
|
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from MAC %s [%s] (external %s)",
|
||||||
macaddr_str(mac_buf1, ack.edgeMac),
|
macaddr_str(mac_buf1, ack.srcMac),
|
||||||
sock_to_cstr(sockbuf1, &sender),
|
sock_to_cstr(sockbuf1, &sender),
|
||||||
sock_to_cstr(sockbuf2, orig_sender));
|
sock_to_cstr(sockbuf2, orig_sender));
|
||||||
|
|
||||||
if(comm->is_federation == IS_FEDERATION) {
|
if(comm->is_federation == IS_FEDERATION) {
|
||||||
skip_add = SN_ADD_SKIP;
|
skip_add = SN_ADD_SKIP;
|
||||||
scan = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &sender, ack.edgeMac, &skip_add);
|
scan = add_sn_to_list_by_mac_or_sock(&(sss->federation->edges), &sender, ack.srcMac, &skip_add);
|
||||||
if(scan != NULL) {
|
if(scan != NULL) {
|
||||||
scan->last_seen = now;
|
scan->last_seen = now;
|
||||||
} else {
|
} else {
|
||||||
|
@ -1770,6 +1766,7 @@ static int process_udp (n2n_sn_t * sss,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(0 == memcmp(ack.cookie, scan->last_cookie, N2N_COOKIE_SIZE)) {
|
||||||
payload = (n2n_REGISTER_SUPER_ACK_payload_t *)dec_tmpbuf;
|
payload = (n2n_REGISTER_SUPER_ACK_payload_t *)dec_tmpbuf;
|
||||||
|
|
||||||
for(i = 0; i < ack.num_sn; i++) {
|
for(i = 0; i < ack.num_sn; i++) {
|
||||||
|
@ -1785,7 +1782,9 @@ static int process_udp (n2n_sn_t * sss,
|
||||||
// shift to next payload entry
|
// shift to next payload entry
|
||||||
payload++;
|
payload++;
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie.");
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -478,7 +478,7 @@ int encode_REGISTER_SUPER_ACK (uint8_t *base,
|
||||||
|
|
||||||
retval += encode_common(base, idx, common);
|
retval += encode_common(base, idx, common);
|
||||||
retval += encode_buf(base, idx, reg->cookie, N2N_COOKIE_SIZE);
|
retval += encode_buf(base, idx, reg->cookie, N2N_COOKIE_SIZE);
|
||||||
retval += encode_mac(base, idx, reg->edgeMac);
|
retval += encode_mac(base, idx, reg->srcMac);
|
||||||
retval += encode_uint32(base, idx, reg->dev_addr.net_addr);
|
retval += encode_uint32(base, idx, reg->dev_addr.net_addr);
|
||||||
retval += encode_uint8(base, idx, reg->dev_addr.net_bitlen);
|
retval += encode_uint8(base, idx, reg->dev_addr.net_bitlen);
|
||||||
retval += encode_uint16(base, idx, reg->lifetime);
|
retval += encode_uint16(base, idx, reg->lifetime);
|
||||||
|
@ -501,7 +501,7 @@ int decode_REGISTER_SUPER_ACK (n2n_REGISTER_SUPER_ACK_t *reg,
|
||||||
memset(reg, 0, sizeof(n2n_REGISTER_SUPER_ACK_t));
|
memset(reg, 0, sizeof(n2n_REGISTER_SUPER_ACK_t));
|
||||||
|
|
||||||
retval += decode_buf(reg->cookie, N2N_COOKIE_SIZE, base, rem, idx);
|
retval += decode_buf(reg->cookie, N2N_COOKIE_SIZE, base, rem, idx);
|
||||||
retval += decode_mac(reg->edgeMac, base, rem, idx);
|
retval += decode_mac(reg->srcMac, base, rem, idx);
|
||||||
retval += decode_uint32(&(reg->dev_addr.net_addr), base, rem, idx);
|
retval += decode_uint32(&(reg->dev_addr.net_addr), base, rem, idx);
|
||||||
retval += decode_uint8(&(reg->dev_addr.net_bitlen), base, rem, idx);
|
retval += decode_uint8(&(reg->dev_addr.net_bitlen), base, rem, idx);
|
||||||
retval += decode_uint16(&(reg->lifetime), base, rem, idx);
|
retval += decode_uint16(&(reg->lifetime), base, rem, idx);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user