From 09fdfb04242e54ae56ce9200fbdc3c364bb27c7c Mon Sep 17 00:00:00 2001 From: Hacker <564064202@qq.com> Date: Sat, 25 Sep 2021 17:30:16 +0800 Subject: [PATCH] added support for COMMUNITY_NAME environment variable (#814) Co-authored-by: codeneno Co-authored-by: Logan oos Even --- doc/Communities.md | 2 ++ edge.8 | 11 +++++++---- src/edge.c | 6 ++++-- src/edge_utils.c | 5 +++++ 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/doc/Communities.md b/doc/Communities.md index 30b564f..1285a56 100644 --- a/doc/Communities.md +++ b/doc/Communities.md @@ -7,6 +7,8 @@ As communities designate virtual networks, they must be distinguishable from eac To make full use of character space, hex values could be used, e.g. from Linux bash applying the `edge … -c $(echo -en '\x3a\x3b\x4a\x6a\xfa') …` command line syntax. If used with a configuration file, the bytes must be directly filled as characters into a corresponding `-c :;Jjþ` line. +Apart from command line `-c` and configuration file, the community name can be supplied through the `N2N_COMMUNITY` environment variable. This might prove useful to hide the community name from command line if used with header encryption enabled, see below. + ## Restrict Supernode Access diff --git a/edge.8 b/edge.8 index 7eb35ca..c9cd904 100644 --- a/edge.8 +++ b/edge.8 
@@ -19,10 +19,10 @@ An equal sign ('=') should be used between key and value. Example: -p=7777 .SH OPTIONS FOR THE UNDERLYING NETWORK CONNECTION .TP \fB\-c \fR<\fIcommunity\fR>, \fB\-\-community\fR=<\fIcommunity\fR> -sets the n2n community name. All edges within the same community appear on the -same LAN (layer 2 network segment). Community name is 16 bytes in length. A name -smaller than this is padded with 0x00 bytes and a name longer than this is -truncated to take the first 16 bytes. +sets the n2n community name (see also N2N_COMMUNITY in ENVIRONMENT). All edges +within the same community appear on the same LAN (layer 2 network segment). +Community name is 16 bytes in length. A name smaller than this is padded with +0x00 bytes and a name longer than this is truncated to take the first 16 bytes. .TP \fB\-l \fR<\fIhost:port\fR>, \fB\-\-supernode-list\fR=<\fIhost:port\fR> sets the n2n supernode IP address and port to register to. Multiple supernodes @@ -204,6 +204,9 @@ shows detailed parameter description .TP .B N2N_KEY set the encryption key so it is not visible on the command line +.TP +.B N2N_COMMUNITY +set the community name so it is not visible on the command line .SH EXAMPLES .TP .B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-p 50001 \-l 123.121.120.119:7654 diff --git a/src/edge.c b/src/edge.c index 62cc823..f13fcc5 100644 --- a/src/edge.c +++ b/src/edge.c @@ -212,8 +212,9 @@ static void help (int level) { "[-g ] " #endif "\n\n environment " - "N2N_KEY instead of [-k ]" + "N2N_KEY instead of [-k ]" "\n variables " + "N2N_COMMUNITY instead of -c " "\n " "\n meaning of the " 
@@ -325,7 +326,8 @@ static void help (int level) { printf ("\n"); printf (" ENVIRONMENT VARIABLES\n"); printf (" ---------------------\n\n"); - printf(" N2N_KEY | encryption key (ASCII), not with '-k ...'\n"); + printf(" N2N_KEY | encryption key (ASCII), not with '-k ...'\n"); + printf(" N2N_COMMUNITY | community name (ASCII), overwritten by '-c ...'\n"); #ifdef WIN32 printf ("\n"); printf (" AVAILABLE TAP ADAPTERS\n"); diff --git a/src/edge_utils.c b/src/edge_utils.c index 436b738..7db9c37 100644 --- a/src/edge_utils.c +++ b/src/edge_utils.c @@ -3680,6 +3680,11 @@ void edge_init_conf_defaults (n2n_edge_conf_t *conf) { conf->encrypt_key = strdup(getenv("N2N_KEY")); conf->transop_id = N2N_TRANSFORM_ID_AES; } + if(getenv("N2N_COMMUNITY")) { + strncpy((char*)conf->community_name, getenv("N2N_COMMUNITY"), N2N_COMMUNITY_SIZE); + conf->community_name[N2N_COMMUNITY_SIZE - 1] = '\0'; + } + conf->metric = 0; }
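Review bot: In src/edge_utils.c, the new N2N_COMMUNITY branch of edge_init_conf_defaults() truncates an over-long value silently: `strncpy` copies at most N2N_COMMUNITY_SIZE bytes and the next line overwrites the last byte with '\0', so only N2N_COMMUNITY_SIZE - 1 characters survive and the edge can end up in a different community than the operator configured, with no log line. Whether `-c` truncates at the same length is not visible here, and edge.8 describes truncation to the full field size, so the two paths should be checked for agreement; an empty value is also accepted as a community name. I would read the variable once and guard the copy, e.g. `const char *env_community = getenv("N2N_COMMUNITY");` and `if(env_community && env_community[0] && strlen(env_community) < N2N_COMMUNITY_SIZE) {`, logging a warning when the value is rejected. A comment such as `/* N2N_COMMUNITY only keeps the name out of argv; the environment stays readable to the same user and privileged users and is inherited by child processes */` would stop the "not visible on the command line" wording from being over-read, since the docs tie this option to header encryption. The function starts above the hunk, so the ordering relative to `-c` and config-file parsing could not be checked from here.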