
Source code changes of the file "src/edge.c" between
n2n-3.0.tar.gz and n2n-3.1.1.tar.gz

About: n2n is a layer-two peer-to-peer virtual private network (VPN) which allows bypassing intermediate firewalls.
Pre-release.

edge.c  (n2n-3.0):edge.c  (n2n-3.1.1)
/** /**
* (C) 2007-21 - ntop.org and contributors * (C) 2007-22 - ntop.org and contributors
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 183 skipping to change at line 183
"[-i <registration interval>] " "[-i <registration interval>] "
"[-L <registration ttl>] " "[-L <registration ttl>] "
"\n lying connection " "\n lying connection "
"[-k <key>] " "[-k <key>] "
"[-A<cipher>] " "[-A<cipher>] "
"[-H] " "[-H] "
"[-z<compression>] " "[-z<compression>] "
"\n " "\n "
"[-e <preferred local IP address>] [-S<level of solitude>]" "[-e <preferred local IP address>] [-S<level of solitude>]"
"\n " "\n "
"[--select-rtt]" "[--select-rtt] "
#if defined(HAVE_MINIUPNP) || defined(HAVE_NATPMP)
"[--no-port-forwarding] "
#endif // HAVE_MINIUPNP || HAVE_NATPMP
"\n\n tap device and " "\n\n tap device and "
"[-a [static:|dhcp:]<tap IP address>[/<cidr suffix>]] " "[-a [static:|dhcp:]<tap IP address>[/<cidr suffix>]] "
"\n overlay network " "\n overlay network "
"[-m <tap MAC address>] " "[-m <tap MAC address>] "
#if defined(N2N_CAN_NAME_IFACE) #if defined(N2N_CAN_NAME_IFACE)
"[-d <tap device name>] " "[-d <tap device name>] "
#endif #endif
"\n configuration " "\n configuration "
"[-M <tap MTU>] " "[-M <tap MTU>] "
"[-r] " "[-r] "
skipping to change at line 235 skipping to change at line 238
"\n " "\n "
"\n meaning of the " "\n meaning of the "
#ifndef __APPLE__ #ifndef __APPLE__
"[-D] enable PMTU discovery" "[-D] enable PMTU discovery"
#endif #endif
"\n flag options [-H] enable header encryption" "\n flag options [-H] enable header encryption"
"\n [-r] enable packet forwarding through n2n co mmunity" "\n [-r] enable packet forwarding through n2n co mmunity"
"\n [-E] accept multicast MAC addresses" "\n [-E] accept multicast MAC addresses"
"\n [--select-rtt] select supernode by round trip time" "\n [--select-rtt] select supernode by round trip time"
"\n [--select-mac] select supernode by MAC address"
#if defined(HAVE_MINIUPNP) || defined(HAVE_NATPMP)
"\n [--no-port-forwarding] disable UPnP/PMP port forwarding"
#endif // HAVE_MINIUPNP || HAVE_NATPMP
#ifndef WIN32 #ifndef WIN32
"\n [-f] do not fork but run in foreground" "\n [-f] do not fork but run in foreground"
#endif #endif
"\n [-v] make more verbose, repeat as required" "\n [-v] make more verbose, repeat as required"
"\n " "\n "
"\n -h shows this quick reference including all available options" "\n -h shows this quick reference including all available options"
"\n --help gives a detailed parameter description" "\n --help gives a detailed parameter description"
"\n man files for n2n, edge, and superndode contain in-depth inform ation" "\n man files for n2n, edge, and superndode contain in-depth inform ation"
"\n\n"); "\n\n");
skipping to change at line 289 skipping to change at line 296
" | supernode (default 0 for not set)\n"); " | supernode (default 0 for not set)\n");
printf(" -k <key> | encryption key (ASCII) - also N2N_KEY=<key> \n"); printf(" -k <key> | encryption key (ASCII) - also N2N_KEY=<key> \n");
printf(" -A1 | disable payload encryption, do not use with key, defaults\n" printf(" -A1 | disable payload encryption, do not use with key, defaults\n"
" | to AES then\n"); " | to AES then\n");
printf(" -A2 ... -A5 | choose a cipher for payload encryption, req uires a key,\n" printf(" -A2 ... -A5 | choose a cipher for payload encryption, req uires a key,\n"
" | -A2 = Twofish, -A3 = AES (default if key pr ovided),\n" " | -A2 = Twofish, -A3 = AES (default if key pr ovided),\n"
" | -A4 = ChaCha20, -A5 = Speck-CTR\n"); " | -A4 = ChaCha20, -A5 = Speck-CTR\n");
printf(" -H | use header encryption, supernode needs fixe d community\n"); printf(" -H | use header encryption, supernode needs fixe d community\n");
printf(" -z1 ... -z2 | compress outgoing data packets, -z1 = lzo1x ,\n" printf(" -z1 ... -z2 | compress outgoing data packets, -z1 = lzo1x ,\n"
" | " " | "
#ifdef N2N_HAVE_ZSTD #ifdef HAVE_ZSTD
"-z2 = zstd, " "-z2 = zstd, "
#endif #endif
"disabled by default\n"); "disabled by default\n");
printf("--select-rtt | supernode selection based on round trip tim printf("--select-rtt | supernode selection based on round trip tim
e (default:\n" e\n"
"--select-mac | supernode selection based on MAC address (d
efault:\n"
" | by load)\n"); " | by load)\n");
#if defined(HAVE_MINIUPNP) || defined(HAVE_NATPMP)
printf("--no-port-... | disable UPnP/PMP port forwarding\n"
"...forwarding | \n");
#endif // HAVE_MINIUPNP || HAVE_NATPMP
printf ("\n"); printf ("\n");
printf (" TAP DEVICE AND OVERLAY NETWORK CONFIGURATION\n"); printf (" TAP DEVICE AND OVERLAY NETWORK CONFIGURATION\n");
printf (" --------------------------------------------\n\n"); printf (" --------------------------------------------\n\n");
printf(" -a [mode]<ip>[/n] | interface address and optional CIDR subnet, default '/24',\n" printf(" -a [mode]<ip>[/n] | interface address and optional CIDR subnet, default '/24',\n"
" | mode = [static|dhcp]:, for DHCP use '-r -a dhcp:0.0.0.0',\n" " | mode = [static|dhcp]:, for DHCP use '-r -a dhcp:0.0.0.0',\n"
" | edge draws IP address from supernode if no '-a ...' given\n"); " | edge draws IP address from supernode if no '-a ...' given\n");
printf(" -m <mac> | fixed MAC address for the TAP interface, e. g.\n" printf(" -m <mac> | fixed MAC address for the TAP interface, e. g.\n"
" | '-m 10:20:30:40:50:60', random otherwise\n" ); " | '-m 10:20:30:40:50:60', random otherwise\n" );
#if defined(N2N_CAN_NAME_IFACE) #if defined(N2N_CAN_NAME_IFACE)
skipping to change at line 374 skipping to change at line 386
static void setPayloadCompression (n2n_edge_conf_t *conf, int compression) { static void setPayloadCompression (n2n_edge_conf_t *conf, int compression) {
/* even though 'compression' and 'conf->compression' share the same encoding scheme, /* even though 'compression' and 'conf->compression' share the same encoding scheme,
* a switch-statement under conditional compilation is used to sort out the * a switch-statement under conditional compilation is used to sort out the
* unsupported optarguments */ * unsupported optarguments */
switch (compression) { switch (compression) {
case 1: { case 1: {
conf->compression = N2N_COMPRESSION_ID_LZO; conf->compression = N2N_COMPRESSION_ID_LZO;
break; break;
} }
#ifdef N2N_HAVE_ZSTD #ifdef HAVE_ZSTD
case 2: { case 2: {
conf->compression = N2N_COMPRESSION_ID_ZSTD; conf->compression = N2N_COMPRESSION_ID_ZSTD;
break; break;
} }
#endif #endif
default: { default: {
conf->compression = N2N_COMPRESSION_ID_NONE; conf->compression = N2N_COMPRESSION_ID_NONE;
// internal comrpession scheme numbering differs from cli counting b y one, hence plus one // internal comrpession scheme numbering differs from cli counting b y one, hence plus one
// (internal: 0 == invalid, 1 == none, 2 == lzo, 3 == zstd) // (internal: 0 == invalid, 1 == none, 2 == lzo, 3 == zstd)
traceEvent(TRACE_NORMAL, "the %s compression given by -z_ option is not supported in this version", compression_str(compression + 1)); traceEvent(TRACE_NORMAL, "the %s compression given by -z_ option is not supported in this version", compression_str(compression + 1));
skipping to change at line 740 skipping to change at line 752
break; break;
} }
case '[': /* round-trip-time-based supernode selection strategy */ { case '[': /* round-trip-time-based supernode selection strategy */ {
// overwrites the default load-based strategy // overwrites the default load-based strategy
conf->sn_selection_strategy = SN_SELECTION_STRATEGY_RTT; conf->sn_selection_strategy = SN_SELECTION_STRATEGY_RTT;
break; break;
} }
case ']': /* password for management port */ { case ']': /* mac-address-based supernode selection strategy */ {
// overwrites the default load-based strategy
conf->sn_selection_strategy = SN_SELECTION_STRATEGY_MAC;
break;
}
case '{': /* password for management port */ {
conf->mgmt_password_hash = pearson_hash_64((uint8_t*)optargument, st rlen(optargument)); conf->mgmt_password_hash = pearson_hash_64((uint8_t*)optargument, st rlen(optargument));
break; break;
} }
case '}': /* disable port forwarding */ {
conf->port_forwarding = 0;
break;
}
case 'h': /* quick reference */ { case 'h': /* quick reference */ {
return 2; return 2;
} }
case '@': /* long help */ { case '@': /* long help */ {
return 3; return 3;
} }
case 'v': /* verbose */ case 'v': /* verbose */
setTraceLevel(getTraceLevel() + 1); setTraceLevel(getTraceLevel() + 1);
skipping to change at line 799 skipping to change at line 824
static const struct option long_options[] = static const struct option long_options[] =
{ {
{ "community", required_argument, NULL, 'c' }, { "community", required_argument, NULL, 'c' },
{ "supernode-list", required_argument, NULL, 'l' }, { "supernode-list", required_argument, NULL, 'l' },
{ "tap-device", required_argument, NULL, 'd' }, { "tap-device", required_argument, NULL, 'd' },
{ "euid", required_argument, NULL, 'u' }, { "euid", required_argument, NULL, 'u' },
{ "egid", required_argument, NULL, 'g' }, { "egid", required_argument, NULL, 'g' },
{ "verbose", no_argument, NULL, 'v' }, { "verbose", no_argument, NULL, 'v' },
{ "help", no_argument, NULL, '@' }, /* internal spe cial character '@' to identify long help case */ { "help", no_argument, NULL, '@' }, /* internal spe cial character '@' to identify long help case */
{ "select-rtt", no_argument, NULL, '[' }, /* '[' rtt selection strategy */ { "select-rtt", no_argument, NULL, '[' }, /* '[' rtt selection strategy */
{ "management-password", required_argument, NULL, ']' }, /* { "select-mac", no_argument, NULL, ']' }, /*
']' management port password */ ']' mac selection strategy */
{ "management-password", required_argument, NULL, '{' }, /*
'{' management port password */
{ "no-port-forwarding", no_argument, NULL, '}' }, /*
'}' disable port forwarding */
{ NULL, 0, NULL, 0 } { NULL, 0, NULL, 0 }
}; };
/* *************************************************** */ /* *************************************************** */
/* read command line options */ /* read command line options */
static int loadFromCLI (int argc, char *argv[], n2n_edge_conf_t *conf, n2n_tunta p_priv_config_t *ec) { static int loadFromCLI (int argc, char *argv[], n2n_edge_conf_t *conf, n2n_tunta p_priv_config_t *ec) {
u_char c; u_char c;
skipping to change at line 1054 skipping to change at line 1081
conf.transop_id = N2N_TRANSFORM_ID_AES; conf.transop_id = N2N_TRANSFORM_ID_AES;
} }
} }
// user auth // user auth
if(conf.shared_secret /* containing private key only so far*/) { if(conf.shared_secret /* containing private key only so far*/) {
// if user-password auth and no federation public key provided, use defa ult // if user-password auth and no federation public key provided, use defa ult
if(!conf.federation_public_key) { if(!conf.federation_public_key) {
conf.federation_public_key = calloc(1, sizeof(n2n_private_public_key _t)); conf.federation_public_key = calloc(1, sizeof(n2n_private_public_key _t));
if(conf.federation_public_key) { if(conf.federation_public_key) {
traceEvent(TRACE_WARNING, "using default federation public key; FOR TESTING ONLY, usage of a custom federation name and key (-P) is highly recom mended!"); traceEvent(TRACE_WARNING, "using default federation public key; FOR TESTING ONLY, usage of a custom federation name and key (-P) is highly recom mended!");
generate_private_key(*(conf.federation_public_key), FEDERATION_N AME + 1); generate_private_key(*(conf.federation_public_key), &FEDERATION_ NAME[1]);
generate_public_key(*(conf.federation_public_key), *(conf.federa tion_public_key)); generate_public_key(*(conf.federation_public_key), *(conf.federa tion_public_key));
} }
} }
// calculate public key and shared secret // calculate public key and shared secret
if(conf.federation_public_key) { if(conf.federation_public_key) {
traceEvent(TRACE_NORMAL, "using username and password for edge authe ntication"); traceEvent(TRACE_NORMAL, "using username and password for edge authe ntication");
bind_private_key_to_username(*(conf.shared_secret), (char *)conf.dev _desc); bind_private_key_to_username(*(conf.shared_secret), (char *)conf.dev _desc);
conf.public_key = calloc(1, sizeof(n2n_private_public_key_t)); conf.public_key = calloc(1, sizeof(n2n_private_public_key_t));
if(conf.public_key) if(conf.public_key)
generate_public_key(*conf.public_key, *(conf.shared_secret)); generate_public_key(*conf.public_key, *(conf.shared_secret));
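Review bot: The `--management-password` value handled in `case '{'` (hunk at new line 752) is taken from the command line and kept only as `pearson_hash_64((uint8_t*)optargument, strlen(optargument))`, which leaves two weaknesses the renumbering does not address. A secret passed as an argument can be read by other local users from the process list unless it is scrubbed elsewhere, which these hunks do not show. A 64-bit Pearson hash is also a fast, unsalted, non-cryptographic hash, so a disclosed `mgmt_password_hash` offers little resistance to guessing. I would at least record this above the call, e.g. `/* NOTE: argument is visible in the process list; pearson_hash_64 is not a password hash, treat mgmt_password_hash as sensitive */`, and have the `--help` text point to a non-argv way of supplying the password if one exists, as it does for `-k` with `N2N_KEY`. The enclosing switch starts and ends outside the hunk.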
 End of changes. 11 change blocks. 
10 lines changed or deleted 40 lines changed or added
