kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

reviewed log messages (#744)

pull/759/head
Logan oos Even 3 years ago
committed by GitHub
parent
04f0bd88e6
commit
f6eb1377ec
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 306 additions and 295 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 112
      src/edge.c
  2. 287
      src/edge_utils.c
  3. 52
      src/sn.c
  4. 150
      src/sn_utils.c

112
src/edge.c
View File

@ -361,7 +361,7 @@ static void setPayloadCompression (n2n_edge_conf_t *conf, int compression) {
conf->compression = N2N_COMPRESSION_ID_NONE;
// internal comrpession scheme numbering differs from cli counting by one, hence plus one
// (internal: 0 == invalid, 1 == none, 2 == lzo, 3 == zstd)
traceEvent(TRACE_NORMAL, "the %s compression given by -z_ option is not supported in this version.", compression_str(compression + 1));
traceEvent(TRACE_NORMAL, "the %s compression given by -z_ option is not supported in this version", compression_str(compression + 1));
exit(1); // to make the user aware
}
}
@ -402,7 +402,7 @@ static void setPayloadEncryption (n2n_edge_conf_t *conf, int cipher) {
default: {
conf->transop_id = N2N_TRANSFORM_ID_INVAL;
traceEvent(TRACE_NORMAL, "the %s cipher given by -A_ option is not supported in this version.", transop_str(cipher));
traceEvent(TRACE_NORMAL, "the %s cipher given by -A_ option is not supported in this version", transop_str(cipher));
exit(1);
}
}
@ -432,7 +432,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
case 'E': /* multicast ethernet addresses accepted. */ {
conf->drop_multicast = 0;
traceEvent(TRACE_INFO, "Enabling ethernet multicast traffic");
traceEvent(TRACE_INFO, "enabling ethernet multicast traffic");
break;
}
@ -491,8 +491,8 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
if(optargument) {
cipher = atoi(optargument);
} else {
traceEvent(TRACE_WARNING, "the use of the solitary -A switch is deprecated and will not be supported in future versions. "
"please use -A3 instead to choose the AES cipher for payload encryption.");
traceEvent(TRACE_WARNING, "the use of the solitary -A switch is deprecated and will not be supported in future versions, "
"please use -A3 instead to choose AES cipher for payload encryption");
cipher = N2N_TRANSFORM_ID_AES; // default, if '-A' only
}
@ -514,8 +514,8 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
if(optargument) {
compression = atoi(optargument);
} else {
traceEvent(TRACE_WARNING, "the use of the solitary -z switch is deprecated and will not be supported in future versions. "
"please use -z1 instead to choose the LZO1X algorithm for payload compression.");
traceEvent(TRACE_WARNING, "the use of the solitary -z switch is deprecated and will not be supported in future versions, "
"please use -z1 instead to choose LZO1X algorithm for payload compression");
compression = 1; // default, if '-z' only, equals -z1
}
@ -527,7 +527,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
case 'l': /* supernode-list */ {
if(optargument) {
if(edge_conf_add_supernode(conf, optargument) != 0) {
traceEvent(TRACE_WARNING, "Failed to add supernode '%s'", optargument);
traceEvent(TRACE_WARNING, "failed to add supernode '%s'", optargument);
}
}
break;
@ -574,7 +574,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
ascii_to_bin(*(conf->federation_public_key), optargument);
}
} else {
traceEvent(TRACE_WARNING, "Public key too long.");
traceEvent(TRACE_WARNING, "public key too long");
return 2;
}
break;
@ -584,7 +584,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
conf->local_port = atoi(optargument);
if(conf->local_port == 0) {
traceEvent(TRACE_WARNING, "Bad local port format, using OS assigned port.");
traceEvent(TRACE_WARNING, "bad local port format, using OS assigned port");
break;
}
@ -624,7 +624,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
n2n_route_t route;
if(sscanf(optargument, "%63[^/]/%hhd:%63s", cidr_net, &route.net_bitlen, gateway) != 3) {
traceEvent(TRACE_WARNING, "Bad cidr/gateway format '%d'.", optargument);
traceEvent(TRACE_WARNING, "bad cidr/gateway format '%d'", optargument);
return 2;
}
@ -632,21 +632,21 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
route.gateway = inet_addr(gateway);
if((route.net_bitlen < 0) || (route.net_bitlen > 32)) {
traceEvent(TRACE_WARNING, "Bad prefix '%d' in '%s'", route.net_bitlen, optargument);
traceEvent(TRACE_WARNING, "bad prefix '%d' in '%s'", route.net_bitlen, optargument);
return 2;
}
if(route.net_addr == INADDR_NONE) {
traceEvent(TRACE_WARNING, "Bad network '%s' in '%s'", cidr_net, optargument);
traceEvent(TRACE_WARNING, "bad network '%s' in '%s'", cidr_net, optargument);
return 2;
}
if(route.gateway == INADDR_NONE) {
traceEvent(TRACE_WARNING, "Bad gateway '%s' in '%s'", gateway, optargument);
traceEvent(TRACE_WARNING, "bad gateway '%s' in '%s'", gateway, optargument);
return 2;
}
traceEvent(TRACE_NORMAL, "Adding %s/%d via %s", cidr_net, route.net_bitlen, gateway);
traceEvent(TRACE_NORMAL, "adding %s/%d via %s", cidr_net, route.net_bitlen, gateway);
conf->routes = realloc(conf->routes, sizeof(struct n2n_route) * (conf->num_routes + 1));
conf->routes[conf->num_routes] = route;
@ -660,8 +660,8 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
if(optargument) {
solitude = atoi(optargument);
} else {
traceEvent(TRACE_WARNING, "the use of the solitary -S switch is deprecated and will not be supported in future versions. "
"please use -S1 instead to choose supernode-only connection via UDP.");
traceEvent(TRACE_WARNING, "the use of the solitary -S switch is deprecated and will not be supported in future versions, "
"please use -S1 instead to choose supernode-only connection via UDP");
solitude = 1;
}
@ -696,7 +696,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
HASH_ADD(hh, conf->network_traffic_filter_rules, key, sizeof(filter_rule_key_t), new_rule);
} else {
free(new_rule);
traceEvent(TRACE_WARNING, "Invalid filter rule: %s", optargument);
traceEvent(TRACE_WARNING, "invalid filter rule: %s", optargument);
return 2;
}
break;
@ -709,7 +709,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
}
#endif
default: {
traceEvent(TRACE_WARNING, "Unknown option -%c", (char)optkey);
traceEvent(TRACE_WARNING, "unknown option -%c", (char)optkey);
return 2;
}
}
@ -791,7 +791,7 @@ static int loadFromFile (const char *path, n2n_edge_conf_t *conf, n2n_tuntap_pri
fd = fopen(path, "r");
if(fd == NULL) {
traceEvent(TRACE_WARNING, "Config file %s not found", path);
traceEvent(TRACE_WARNING, "config file %s not found", path);
return -1;
}
@ -830,7 +830,7 @@ static void daemonize () {
#ifndef WIN32
int childpid;
traceEvent(TRACE_NORMAL, "Parent process is exiting (this is normal)");
traceEvent(TRACE_NORMAL, "parent process is exiting (this is normal)");
signal(SIGPIPE, SIG_IGN);
signal(SIGHUP, SIG_IGN);
@ -838,7 +838,7 @@ static void daemonize () {
signal(SIGQUIT, SIG_IGN);
if((childpid = fork()) < 0)
traceEvent(TRACE_ERROR, "Occurred while daemonizing (errno=%d)",
traceEvent(TRACE_ERROR, "occurred while daemonizing (errno=%d)",
errno);
else {
if(!childpid) { /* child */
@ -847,7 +847,7 @@ static void daemonize () {
//traceEvent(TRACE_NORMAL, "Bye bye: I'm becoming a daemon...");
rc = chdir("/");
if(rc != 0)
traceEvent(TRACE_ERROR, "Error while moving to / directory");
traceEvent(TRACE_ERROR, "error while moving to / directory");
setsid(); /* detach from the terminal */
@ -885,10 +885,10 @@ BOOL WINAPI term_handler(DWORD sig)
static int called = 0;
if(called) {
traceEvent(TRACE_NORMAL, "Ok I am leaving now");
traceEvent(TRACE_NORMAL, "ok, I am leaving now");
_exit(0);
} else {
traceEvent(TRACE_NORMAL, "Shutting down...");
traceEvent(TRACE_NORMAL, "shutting down...");
called = 1;
}
@ -974,7 +974,7 @@ int main (int argc, char* argv[]) {
if(conf.transop_id == N2N_TRANSFORM_ID_NULL) {
if(conf.encrypt_key) {
// make sure that AES is default cipher if key only (and no cipher) is specified
traceEvent(TRACE_WARNING, "Switching to AES as key was provided.");
traceEvent(TRACE_WARNING, "switching to AES as key was provided");
conf.transop_id = N2N_TRANSFORM_ID_AES;
}
}
@ -984,14 +984,14 @@ int main (int argc, char* argv[]) {
if(!conf.federation_public_key) {
conf.federation_public_key = calloc(1, sizeof(n2n_private_public_key_t));
if(conf.federation_public_key) {
traceEvent(TRACE_WARNING, "Using default federation public key. FOR TESTING ONLY, usage of a custom federation name and key (-P) is highly recommended!");
traceEvent(TRACE_WARNING, "using default federation public key; FOR TESTING ONLY, usage of a custom federation name and key (-P) is highly recommended!");
generate_private_key(*(conf.federation_public_key), FEDERATION_NAME + 1);
generate_public_key(*(conf.federation_public_key), *(conf.federation_public_key));
}
}
// calculate public key and shared secret
if(conf.federation_public_key) {
traceEvent(TRACE_NORMAL, "Using username and password for edge authentication.");
traceEvent(TRACE_NORMAL, "using username and password for edge authentication");
bind_private_key_to_username(*(conf.shared_secret), conf.dev_desc);
conf.public_key = calloc(1, sizeof(n2n_private_public_key_t));
if(conf.public_key)
@ -1003,7 +1003,7 @@ int main (int argc, char* argv[]) {
}
// force header encryption
if(conf.header_encryption != HEADER_ENCRYPTION_ENABLED) {
traceEvent(TRACE_NORMAL, "Enabling header encryption for edge authentication.");
traceEvent(TRACE_NORMAL, "enabling header encryption for edge authentication");
conf.header_encryption = HEADER_ENCRYPTION_ENABLED;
}
}
@ -1014,14 +1014,14 @@ int main (int argc, char* argv[]) {
if(edge_verify_conf(&conf) != 0)
help(1); /* short help */
traceEvent(TRACE_NORMAL, "Starting n2n edge %s %s", PACKAGE_VERSION, PACKAGE_BUILDDATE);
traceEvent(TRACE_NORMAL, "starting n2n edge %s %s", PACKAGE_VERSION, PACKAGE_BUILDDATE);
#if defined(HAVE_OPENSSL_1_1)
traceEvent(TRACE_NORMAL, "Using %s", OpenSSL_version(0));
traceEvent(TRACE_NORMAL, "using %s", OpenSSL_version(0));
#endif
traceEvent(TRACE_NORMAL, "Using compression: %s.", compression_str(conf.compression));
traceEvent(TRACE_NORMAL, "Using %s cipher.", transop_str(conf.transop_id));
traceEvent(TRACE_NORMAL, "using compression: %s.", compression_str(conf.compression));
traceEvent(TRACE_NORMAL, "using %s cipher.", transop_str(conf.transop_id));
/* Random seed */
n2n_srand (n2n_seed());
@ -1029,33 +1029,33 @@ int main (int argc, char* argv[]) {
#ifndef WIN32
/* If running suid root then we need to setuid before using the force. */
if(setuid(0) != 0)
traceEvent(TRACE_ERROR, "Unable to become root [%u/%s]", errno, strerror(errno));
traceEvent(TRACE_ERROR, "unable to become root [%u/%s]", errno, strerror(errno));
/* setgid(0); */
#endif
if(conf.encrypt_key && !strcmp((char*)conf.community_name, conf.encrypt_key))
traceEvent(TRACE_WARNING, "Community and encryption key must differ, otherwise security will be compromised");
traceEvent(TRACE_WARNING, "community and encryption key must differ, otherwise security will be compromised");
if((eee = edge_init(&conf, &rc)) == NULL) {
traceEvent(TRACE_ERROR, "Failed in edge_init");
traceEvent(TRACE_ERROR, "failed in edge_init");
exit(1);
}
if(resolve_create_thread(&(eee->resolve_parameter), eee->conf.supernodes) == 0) {
traceEvent(TRACE_NORMAL, "Successfully created resolver thread");
traceEvent(TRACE_NORMAL, "successfully created resolver thread");
}
memcpy(&(eee->tuntap_priv_conf), &ec, sizeof(ec));
if((0 == strcmp("static", eee->tuntap_priv_conf.ip_mode)) ||
((eee->tuntap_priv_conf.ip_mode[0] == '\0') && (eee->tuntap_priv_conf.ip_addr[0] != '\0'))) {
traceEvent(TRACE_NORMAL, "Use manually set IP address.");
traceEvent(TRACE_NORMAL, "use manually set IP address");
eee->conf.tuntap_ip_mode = TUNTAP_IP_MODE_STATIC;
} else if(0 == strcmp("dhcp", eee->tuntap_priv_conf.ip_mode)) {
traceEvent(TRACE_NORMAL, "Obtain IP from other edge DHCP services.");
traceEvent(TRACE_NORMAL, "obtain IP from other edge DHCP services");
eee->conf.tuntap_ip_mode = TUNTAP_IP_MODE_DHCP;
} else {
traceEvent(TRACE_NORMAL, "Automatically assign IP address by supernode.");
traceEvent(TRACE_NORMAL, "automatically assign IP address by supernode");
eee->conf.tuntap_ip_mode = TUNTAP_IP_MODE_SN_ASSIGN;
}
@ -1067,7 +1067,7 @@ int main (int argc, char* argv[]) {
// exceptions:
if((HASH_COUNT(eee->conf.supernodes) <= 1) || (eee->conf.connect_tcp) || (eee->conf.shared_secret)) {
// skip the initial supernode ping
traceEvent(TRACE_DEBUG, "Skip PING to supernode.");
traceEvent(TRACE_DEBUG, "skip PING to supernode");
runlevel = 2;
}
@ -1087,7 +1087,7 @@ int main (int argc, char* argv[]) {
// (re-)initialize the number of max concurrent pings (decreases by calling send_query_peer)
eee->conf.number_max_sn_pings = NUMBER_SN_PINGS_INITIAL;
send_query_peer(eee, null_mac);
traceEvent(TRACE_NORMAL, "Send PING to supernodes.");
traceEvent(TRACE_NORMAL, "send PING to supernodes");
runlevel++;
}
@ -1098,14 +1098,14 @@ int main (int argc, char* argv[]) {
sn_selection_sort(&(eee->conf.supernodes));
eee->curr_sn = eee->conf.supernodes;
supernode_connect(eee);
traceEvent(TRACE_NORMAL, "Received first PONG from supernode [%s].", eee->curr_sn->ip_addr);
traceEvent(TRACE_NORMAL, "received first PONG from supernode [%s]", eee->curr_sn->ip_addr);
runlevel++;
} else if(last_action <= (now - BOOTSTRAP_TIMEOUT)) {
// timeout
runlevel--;
// skip waiting for answer to direcly go to send PING again
seek_answer = 0;
traceEvent(TRACE_DEBUG, "PONG timeout.");
traceEvent(TRACE_DEBUG, "PONG timeout");
}
}
@ -1116,7 +1116,7 @@ int main (int argc, char* argv[]) {
eee->sn_pong = 0;
if(eee->curr_sn->hh.next) {
sn_selection_sort((peer_info_t**)&(eee->curr_sn->hh.next));
traceEvent(TRACE_DEBUG, "Received additional PONG from supernode.");
traceEvent(TRACE_DEBUG, "received additional PONG from supernode");
// here, it is hard to detemine from which one, so no details to output
}
}
@ -1128,18 +1128,18 @@ int main (int argc, char* argv[]) {
eee->sn_wait = 1;
send_register_super(eee);
runlevel++;
traceEvent(TRACE_NORMAL, "Send REGISTER_SUPER to supernode [%s] asking for IP address.",
traceEvent(TRACE_NORMAL, "send REGISTER_SUPER to supernode [%s] asking for IP address",
eee->curr_sn->ip_addr);
} else {
runlevel += 2; /* skip waiting for TUNTAP IP address */
traceEvent(TRACE_DEBUG, "Skip auto IP address asignment.");
traceEvent(TRACE_DEBUG, "skip auto IP address asignment");
}
}
if(runlevel == 3) { /* REGISTER_SUPER to get auto ip address from a sn has been sent */
if(!eee->sn_wait) { /* TUNTAP IP address received */
runlevel++;
traceEvent(TRACE_NORMAL, "Received REGISTER_SUPER_ACK from supernode for IP address asignment.");
traceEvent(TRACE_NORMAL, "received REGISTER_SUPER_ACK from supernode for IP address asignment");
// it should be from curr_sn, but we can't determine definitely here, so no details to output
} else if(last_action <= (now - BOOTSTRAP_TIMEOUT)) {
// timeout, so try next supernode
@ -1151,7 +1151,7 @@ int main (int argc, char* argv[]) {
runlevel--;
// skip waiting for answer to direcly go to send REGISTER_SUPER again
seek_answer = 0;
traceEvent(TRACE_DEBUG, "REGISTER_SUPER_ACK timeout.");
traceEvent(TRACE_DEBUG, "REGISTER_SUPER_ACK timeout");
}
}
@ -1165,7 +1165,7 @@ int main (int argc, char* argv[]) {
) < 0)
exit(1);
memcpy(&eee->device, &tuntap, sizeof(tuntap));
traceEvent(TRACE_NORMAL, "Created local tap device IP: %s, Mask: %s, MAC: %s",
traceEvent(TRACE_NORMAL, "created local tap device IP: %s, Mask: %s, MAC: %s",
eee->tuntap_priv_conf.ip_addr,
eee->tuntap_priv_conf.netmask,
macaddr_str(mac_buf, eee->device.mac_addr));
@ -1232,27 +1232,27 @@ int main (int argc, char* argv[]) {
cap_set_flag(caps, CAP_EFFECTIVE, num_cap, cap_values, CAP_SET);
if((cap_set_proc(caps) != 0) || (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) != 0))
traceEvent(TRACE_WARNING, "Unable to retain permitted capabilities [%s]\n", strerror(errno));
traceEvent(TRACE_WARNING, "unable to retain permitted capabilities [%s]\n", strerror(errno));
#else
#ifndef __APPLE__
traceEvent(TRACE_WARNING, "n2n has not been compiled with libcap-dev. Some commands may fail.");
traceEvent(TRACE_WARNING, "n2n has not been compiled with libcap-dev; some commands may fail");
#endif
#endif /* HAVE_LIBCAP */
if((eee->tuntap_priv_conf.userid != 0) || (eee->tuntap_priv_conf.groupid != 0)) {
traceEvent(TRACE_NORMAL, "Dropping privileges to uid=%d, gid=%d",
traceEvent(TRACE_NORMAL, "dropping privileges to uid=%d, gid=%d",
(signed int)eee->tuntap_priv_conf.userid, (signed int)eee->tuntap_priv_conf.groupid);
/* Finished with the need for root privileges. Drop to unprivileged user. */
if((setgid(eee->tuntap_priv_conf.groupid) != 0)
|| (setuid(eee->tuntap_priv_conf.userid) != 0)) {
traceEvent(TRACE_ERROR, "Unable to drop privileges [%u/%s]", errno, strerror(errno));
traceEvent(TRACE_ERROR, "unable to drop privileges [%u/%s]", errno, strerror(errno));
exit(1);
}
}
if((getuid() == 0) || (getgid() == 0))
traceEvent(TRACE_WARNING, "Running as root is discouraged, check out the -u/-g options");
traceEvent(TRACE_WARNING, "running as root is discouraged, check out the -u/-g options");
#endif
#ifdef __linux__
@ -1275,7 +1275,7 @@ int main (int argc, char* argv[]) {
cap_set_flag(caps, CAP_EFFECTIVE, num_cap, cap_values, CAP_SET);
if(cap_set_proc(caps) != 0)
traceEvent(TRACE_WARNING, "Could not regain the capabilities [%s]\n", strerror(errno));
traceEvent(TRACE_WARNING, "could not regain the capabilities [%s]\n", strerror(errno));
cap_free(caps);
#endif

287
src/edge_utils.c
View File

@ -210,7 +210,7 @@ int supernode_connect(n2n_edge_t *eee) {
if(eee->sock < 0) {
if(eee->conf.local_port > 0)
traceEvent(TRACE_NORMAL, "Binding to local port %d",
traceEvent(TRACE_NORMAL, "binding to local port %d",
(eee->conf.connect_tcp) ? 0 : eee->conf.local_port);
eee->sock = open_socket((eee->conf.connect_tcp) ? 0 : eee->conf.local_port,
@ -218,7 +218,7 @@ int supernode_connect(n2n_edge_t *eee) {
eee->conf.connect_tcp);
if(eee->sock < 0) {
traceEvent(TRACE_ERROR, "Failed to bind main UDP port %u",
traceEvent(TRACE_ERROR, "failed to bind main UDP port %u",
(eee->conf.connect_tcp) ? 0 : eee->conf.local_port);
return -1;
}
@ -252,18 +252,18 @@ int supernode_connect(n2n_edge_t *eee) {
sockopt = eee->conf.tos;
if(setsockopt(eee->sock, IPPROTO_IP, IP_TOS, (char *)&sockopt, sizeof(sockopt)) == 0)
traceEvent(TRACE_NORMAL, "TOS set to 0x%x", eee->conf.tos);
traceEvent(TRACE_INFO, "TOS set to 0x%x", eee->conf.tos);
else
traceEvent(TRACE_ERROR, "Could not set TOS 0x%x[%d]: %s", eee->conf.tos, errno, strerror(errno));
traceEvent(TRACE_WARNING, "could not set TOS 0x%x[%d]: %s", eee->conf.tos, errno, strerror(errno));
}
#ifdef IP_PMTUDISC_DO
sockopt = (eee->conf.disable_pmtu_discovery) ? IP_PMTUDISC_DONT : IP_PMTUDISC_DO;
if(setsockopt(eee->sock, IPPROTO_IP, IP_MTU_DISCOVER, &sockopt, sizeof(sockopt)) < 0)
traceEvent(TRACE_WARNING, "Could not %s PMTU discovery[%d]: %s",
traceEvent(TRACE_WARNING, "could not %s PMTU discovery[%d]: %s",
(eee->conf.disable_pmtu_discovery) ? "disable" : "enable", errno, strerror(errno));
else
traceEvent(TRACE_DEBUG, "PMTU discovery %s", (eee->conf.disable_pmtu_discovery) ? "disabled" : "enabled");
traceEvent(TRACE_INFO, "PMTU discovery %s", (eee->conf.disable_pmtu_discovery) ? "disabled" : "enabled");
#endif
}
@ -297,12 +297,12 @@ n2n_edge_t* edge_init (const n2n_edge_conf_t *conf, int *rv) {
uint8_t tmp_key[N2N_AUTH_CHALLENGE_SIZE];
if((rc = edge_verify_conf(conf)) != 0) {
traceEvent(TRACE_ERROR, "Invalid configuration");
traceEvent(TRACE_ERROR, "invalid configuration");
goto edge_init_error;
}
if(!eee) {
traceEvent(TRACE_ERROR, "Cannot allocate memory");
traceEvent(TRACE_ERROR, "cannot allocate memory");
goto edge_init_error;
}
@ -328,7 +328,7 @@ n2n_edge_t* edge_init (const n2n_edge_conf_t *conf, int *rv) {
// zstd does not require initialization. if it were required, this would be a good place
#endif
traceEvent(TRACE_NORMAL, "Number of supernodes in the list: %d\n", HASH_COUNT(eee->conf.supernodes));
traceEvent(TRACE_NORMAL, "number of supernodes in the list: %d\n", HASH_COUNT(eee->conf.supernodes));
HASH_ITER(hh, eee->conf.supernodes, scan, tmp) {
traceEvent(TRACE_NORMAL, "supernode %u => %s\n", i, (scan->ip_addr));
i++;
@ -357,7 +357,7 @@ n2n_edge_t* edge_init (const n2n_edge_conf_t *conf, int *rv) {
}
if((rc < 0) || (eee->transop.fwd == NULL) || (eee->transop.transform_id != transop_id)) {
traceEvent(TRACE_ERROR, "Transop init failed");
traceEvent(TRACE_ERROR, "transop init failed");
goto edge_init_error;
}
@ -403,7 +403,7 @@ n2n_edge_t* edge_init (const n2n_edge_conf_t *conf, int *rv) {
}
if(eee->transop.no_encryption)
traceEvent(TRACE_WARNING, "Encryption is disabled in edge");
traceEvent(TRACE_WARNING, "encryption is disabled in edge");
// first time calling edge_init_sockets needs -1 in the sockets for it does throw an error
// on trying to close them (open_sockets does so for also being able to RE-open the sockets
@ -523,12 +523,12 @@ static void register_with_local_peers (n2n_edge_t * eee) {
#ifndef SKIP_MULTICAST_PEERS_DISCOVERY
if(eee->multicast_joined && eee->conf.allow_p2p) {
/* send registration to the local multicast group */
traceEvent(TRACE_DEBUG, "Registering with multicast group %s:%u",
traceEvent(TRACE_DEBUG, "registering with multicast group %s:%u",
N2N_MULTICAST_GROUP, N2N_MULTICAST_PORT);
send_register(eee, &(eee->multicast_peer), NULL);
}
#else
traceEvent(TRACE_DEBUG, "Multicast peers discovery is disabled, skipping");
traceEvent(TRACE_DEBUG, "multicast peers discovery is disabled, skipping");
#endif
}
@ -591,11 +591,11 @@ static void register_with_new_peer (n2n_edge_t *eee,
HASH_ADD_PEER(eee->pending_peers, scan);
traceEvent(TRACE_DEBUG, "=== new pending %s -> %s",
traceEvent(TRACE_DEBUG, "new pending peer %s [%s]",
macaddr_str(mac_buf, scan->mac_addr),
sock_to_cstr(sockbuf, &(scan->sock)));
traceEvent(TRACE_DEBUG, "Pending peers list size=%u",
traceEvent(TRACE_DEBUG, "pending peers list size=%u",
HASH_COUNT(eee->pending_peers));
/* trace Sending REGISTER */
if(from_supernode) {
@ -729,23 +729,23 @@ static void peer_set_p2p_confirmed (n2n_edge_t * eee,
HASH_ADD_PEER(eee->known_peers, scan);
scan->last_p2p = now;
traceEvent(TRACE_DEBUG, "P2P connection established: %s [%s]",
traceEvent(TRACE_DEBUG, "p2p connection established: %s [%s]",
macaddr_str(mac_buf, mac),
sock_to_cstr(sockbuf, peer));
traceEvent(TRACE_DEBUG, "=== new peer %s -> %s",
traceEvent(TRACE_DEBUG, "new peer %s [%s]",
macaddr_str(mac_buf, scan->mac_addr),
sock_to_cstr(sockbuf, &(scan->sock)));
traceEvent(TRACE_DEBUG, "Pending peers list size=%u",
traceEvent(TRACE_DEBUG, "pending peers list size=%u",
HASH_COUNT(eee->pending_peers));
traceEvent(TRACE_DEBUG, "Known peers list size=%u",
traceEvent(TRACE_DEBUG, "known peers list size=%u",
HASH_COUNT(eee->known_peers));
scan->last_seen = now;
} else
traceEvent(TRACE_DEBUG, "Failed to find sender in pending_peers.");
traceEvent(TRACE_DEBUG, "failed to find sender in pending_peers");
}
@ -890,7 +890,7 @@ static void check_known_peer_sock_change (n2n_edge_t *eee,
if(!sock_equal(&(scan->sock), peer)) {
if(!from_supernode) {
/* This is a P2P packet */
traceEvent(TRACE_NORMAL, "Peer changed %s: %s -> %s",
traceEvent(TRACE_NORMAL, "peer %s changed [%s] -> [%s]",
macaddr_str(mac_buf, scan->mac_addr),
sock_to_cstr(sockbuf1, &(scan->sock)),
sock_to_cstr(sockbuf2, peer));
@ -937,30 +937,30 @@ static ssize_t sendto_fd (n2n_edge_t *eee, const void *buf,
char * c = strerror(errno);
// downgrade to TRACE_DEBUG in case of custom AF_INVALID, i.e. supernode not resolved yet
if(errno == EAFNOSUPPORT /* 93 */) {
traceEvent(TRACE_DEBUG, "sendto_fd sendto failed (%d) %s", errno, c);
traceEvent(TRACE_DEBUG, "sendto failed (%d) %s", errno, c);
#ifdef WIN32
traceEvent(TRACE_DEBUG, "sendto_fd WSAGetLastError(): %u", WSAGetLastError());
traceEvent(TRACE_DEBUG, "WSAGetLastError(): %u", WSAGetLastError());
#endif
} else {
traceEvent(TRACE_ERROR, "sendto_fd sendto failed (%d) %s", errno, c);
traceEvent(TRACE_WARNING, "sendto failed (%d) %s", errno, c);
#ifdef WIN32
traceEvent(TRACE_ERROR, "sendto_fd WSAGetLastError(): %u", WSAGetLastError());
traceEvent(TRACE_WARNING, "WSAGetLastError(): %u", WSAGetLastError());
#endif
}
if(eee->conf.connect_tcp) {
supernode_disconnect(eee);
eee->sn_wait = 1;
traceEvent(TRACE_DEBUG, "sendto_fd disconnected supernode due to sendto() error");
traceEvent(TRACE_DEBUG, "disconnected supernode due to sendto() error");
return -1;
}
} else {
traceEvent(TRACE_DEBUG, "sendto_fd sent=%d to ", (signed int)sent);
traceEvent(TRACE_DEBUG, "sent=%d to ", (signed int)sent);
}
} else {
supernode_disconnect(eee);
eee->sn_wait = 1;
traceEvent(TRACE_DEBUG, "sendto_fd disconnected supernode due to select() timeout");
traceEvent(TRACE_DEBUG, "disconnected supernode due to select() timeout");
return -1;
}
return sent;
@ -1039,14 +1039,14 @@ static void check_join_multicast_group (n2n_edge_t *eee) {
#endif
if(setsockopt(eee->udp_multicast_sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (char *)&mreq, sizeof(mreq)) < 0) {
traceEvent(TRACE_WARNING, "Failed to bind to local multicast group %s:%u [errno %u]",
traceEvent(TRACE_WARNING, "failed to bind to local multicast group %s:%u [errno %u]",
N2N_MULTICAST_GROUP, N2N_MULTICAST_PORT, errno);
#ifdef WIN32
traceEvent(TRACE_ERROR, "WSAGetLastError(): %u", WSAGetLastError());
traceEvent(TRACE_WARNING, "WSAGetLastError(): %u", WSAGetLastError());
#endif
} else {
traceEvent(TRACE_NORMAL, "Successfully joined multicast group %s:%u",
traceEvent(TRACE_NORMAL, "successfully joined multicast group %s:%u",
N2N_MULTICAST_GROUP, N2N_MULTICAST_PORT);
eee->multicast_joined = 1;
}
@ -1171,7 +1171,7 @@ void send_register_super (n2n_edge_t *eee) {
idx = 0;
encode_REGISTER_SUPER(pktbuf, &idx, &cmn, &reg);
traceEvent(TRACE_DEBUG, "send REGISTER_SUPER to %s",
traceEvent(TRACE_DEBUG, "send REGISTER_SUPER to [%s]",
sock_to_cstr(sockbuf, &(eee->curr_sn->sock)));
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
@ -1214,7 +1214,7 @@ static void send_unregister_super (n2n_edge_t *eee) {
idx = 0;
encode_UNREGISTER_SUPER(pktbuf, &idx, &cmn, &unreg);
traceEvent(TRACE_DEBUG, "send UNREGISTER_SUPER to %s",
traceEvent(TRACE_DEBUG, "send UNREGISTER_SUPER to [%s]",
sock_to_cstr(sockbuf, &(eee->curr_sn->sock)));
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED)
@ -1246,7 +1246,7 @@ static int sort_supernodes (n2n_edge_t *eee, time_t now) {
reset_sup_attempts(eee);
supernode_connect(eee);
traceEvent(TRACE_INFO, "Registering with supernode [%s][number of supernodes %d][attempts left %u]",
traceEvent(TRACE_INFO, "registering with supernode [%s][number of supernodes %d][attempts left %u]",
supernode_ip(eee), HASH_COUNT(eee->conf.supernodes), (unsigned int)eee->sup_attempts);
send_register_super(eee);
@ -1287,7 +1287,7 @@ static void send_register (n2n_edge_t * eee,
n2n_sock_str_t sockbuf;
if(!eee->conf.allow_p2p) {
traceEvent(TRACE_DEBUG, "Skipping register as P2P is disabled");
traceEvent(TRACE_DEBUG, "skipping register as P2P is disabled");
return;
}
@ -1315,7 +1315,7 @@ static void send_register (n2n_edge_t * eee,
idx = 0;
encode_REGISTER(pktbuf, &idx, &cmn, &reg);
traceEvent(TRACE_INFO, "Send REGISTER to %s",
traceEvent(TRACE_INFO, "send REGISTER to [%s]",
sock_to_cstr(sockbuf, remote_peer));
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED)
@ -1341,7 +1341,7 @@ static void send_register_ack (n2n_edge_t * eee,
n2n_sock_str_t sockbuf;
if(!eee->conf.allow_p2p) {
traceEvent(TRACE_DEBUG, "Skipping register ACK as P2P is disabled");
traceEvent(TRACE_DEBUG, "skipping register ACK as P2P is disabled");
return;
}
@ -1360,7 +1360,7 @@ static void send_register_ack (n2n_edge_t * eee,
idx = 0;
encode_REGISTER_ACK(pktbuf, &idx, &cmn, &ack);
traceEvent(TRACE_INFO, "send REGISTER_ACK %s",
traceEvent(TRACE_INFO, "send REGISTER_ACK to [%s]",
sock_to_cstr(sockbuf, remote_peer));
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED)
@ -1409,7 +1409,7 @@ static void send_grat_arps (n2n_edge_t * eee) {
uint8_t buffer[48];
size_t len;
traceEvent(TRACE_DEBUG, "Sending gratuitous ARP...");
traceEvent(TRACE_DEBUG, "sending gratuitous ARP...");
len = build_gratuitous_arp(eee, (char*)buffer, sizeof(buffer));
edge_send_packet2net(eee, buffer, len);
@ -1450,7 +1450,7 @@ void update_supernode_reg (n2n_edge_t * eee, time_t now) {
sn_selection_criterion_bad(&(eee->curr_sn->selection_criterion));
sn_selection_sort(&(eee->conf.supernodes));
eee->curr_sn = eee->conf.supernodes;
traceEvent(TRACE_WARNING, "Supernode not responding, now trying %s", supernode_ip(eee));
traceEvent(TRACE_WARNING, "supernode not responding, now trying [%s]", supernode_ip(eee));
supernode_connect(eee);
reset_sup_attempts(eee);
// trigger out-of-schedule DNS resolution
@ -1475,12 +1475,12 @@ void update_supernode_reg (n2n_edge_t * eee, time_t now) {
if(eee->close_socket_counter >= N2N_CLOSE_SOCKET_COUNTER_MAX) {
eee->close_socket_counter = 0;
supernode_disconnect(eee);
traceEvent(TRACE_DEBUG, "update_supernode_reg disconnected supernode");
traceEvent(TRACE_DEBUG, "disconnected supernode");
}
}
supernode_connect(eee);
traceEvent(TRACE_DEBUG, "update_supernode_reg reconnected to supernode");
traceEvent(TRACE_DEBUG, "reconnected to supernode");
}
} else {
@ -1490,7 +1490,7 @@ void update_supernode_reg (n2n_edge_t * eee, time_t now) {
#ifndef HAVE_PTHREAD
if(supernode2sock(&(eee->curr_sn->sock), eee->curr_sn->ip_addr) == 0) {
#endif
traceEvent(TRACE_INFO, "Registering with supernode [%s][number of supernodes %d][attempts left %u]",
traceEvent(TRACE_INFO, "registering with supernode [%s][number of supernodes %d][attempts left %u]",
supernode_ip(eee), HASH_COUNT(eee->conf.supernodes), (unsigned int)eee->sup_attempts);
send_register_super(eee);
@ -1593,7 +1593,7 @@ static int handle_PACKET (n2n_edge_t * eee,
deflation_buffer = malloc(deflated_len);
deflated_len = ZSTD_decompress(deflation_buffer, deflated_len, eth_payload, eth_size);
if(ZSTD_isError(deflated_len)) {
traceEvent(TRACE_ERROR, "payload decompression failed with zstd error '%s'.",
traceEvent(TRACE_WARNING, "payload decompression failed with zstd error '%s'.",
ZSTD_getErrorName(deflated_len));
free(deflation_buffer);
return(-1); // cannot help it
@ -1601,13 +1601,13 @@ static int handle_PACKET (n2n_edge_t * eee,
break;
#endif
default:
traceEvent(TRACE_ERROR, "payload decompression failed: received packet indicating unsupported %s compression.",
traceEvent(TRACE_WARNING, "payload decompression failed: received packet indicating unsupported %s compression.",
compression_str(rx_compression_id));
return(-1); // cannot handle it
}
if(rx_compression_id != N2N_COMPRESSION_ID_NONE) {
traceEvent(TRACE_DEBUG, "payload decompression [%s]: deflated %u bytes to %u bytes",
traceEvent(TRACE_DEBUG, "payload decompression %s: deflated %u bytes to %u bytes",
compression_str(rx_compression_id), eth_size, (int)deflated_len);
memcpy(eth_payload ,deflation_buffer, deflated_len );
eth_size = deflated_len;
@ -1617,7 +1617,7 @@ static int handle_PACKET (n2n_edge_t * eee,
is_multicast = (is_ip6_discovery(eth_payload, eth_size) || is_ethMulticast(eth_payload, eth_size));
if(eee->conf.drop_multicast && is_multicast) {
traceEvent(TRACE_INFO, "Dropping RX multicast");
traceEvent(TRACE_INFO, "dropping RX multicast");
return(-1);
} else if((!eee->conf.allow_routing) && (!is_multicast)) {
/* Check if it is a routed packet */
@ -1628,11 +1628,11 @@ static int handle_PACKET (n2n_edge_t * eee,
/* Note: all elements of the_ip are in network order */
if(!memcmp(dst_mac, broadcast_mac, N2N_MAC_SIZE))
traceEvent(TRACE_DEBUG, "Broadcast packet [%s]",
traceEvent(TRACE_DEBUG, "RX broadcast packet destined to [%s]",
intoa(ntohl(*dst), ip_buf, sizeof(ip_buf)));
else if((*dst != eee->device.ip_addr)) {
/* This is a packet that needs to be routed */
traceEvent(TRACE_INFO, "Discarding routed packet [%s]",
traceEvent(TRACE_INFO, "discarding routed packet destined to [%s]",
intoa(ntohl(*dst), ip_buf, sizeof(ip_buf)));
return(-1);
} else {
@ -1644,32 +1644,32 @@ static int handle_PACKET (n2n_edge_t * eee,
if(eee->network_traffic_filter->filter_packet_from_peer(eee->network_traffic_filter, eee, orig_sender,
eth_payload, eth_size) == N2N_DROP) {
traceEvent(TRACE_DEBUG, "Filtered packet %u", (unsigned int)eth_size);
traceEvent(TRACE_DEBUG, "filtered packet of size %u", (unsigned int)eth_size);
return(0);
}
if(eee->cb.packet_from_peer) {
uint16_t tmp_eth_size = eth_size;
if(eee->cb.packet_from_peer(eee, orig_sender, eth_payload, &tmp_eth_size) == N2N_DROP) {
traceEvent(TRACE_DEBUG, "DROP packet %u", (unsigned int)eth_size);
traceEvent(TRACE_DEBUG, "DROP packet of size %u", (unsigned int)eth_size);
return(0);
}
eth_size = tmp_eth_size;
}
/* Write ethernet packet to tap device. */
traceEvent(TRACE_DEBUG, "sending to TAP %u", (unsigned int)eth_size);
traceEvent(TRACE_DEBUG, "sending data of size %u to TAP", (unsigned int)eth_size);
data_sent_len = tuntap_write(&(eee->device), eth_payload, eth_size);
if(data_sent_len == eth_size) {
retval = 0;
}
} else {
traceEvent(TRACE_ERROR, "invalid transop ID: expected %s(%u), got %s(%u) from %s [%s]",
traceEvent(TRACE_WARNING, "invalid transop ID: expected %s (%u), got %s (%u) from %s [%s]",
transop_str(eee->conf.transop_id), eee->conf.transop_id,
transop_str(rx_transop_id), rx_transop_id,
sock_to_cstr(sockbuf, orig_sender),
macaddr_str(mac_buf, pkt->srcMac));
macaddr_str(mac_buf, pkt->srcMac),
sock_to_cstr(sockbuf, orig_sender));
}
}
@ -1697,7 +1697,7 @@ static char *get_ip_from_arp (dec_ip_str_t buf, const n2n_mac_t req_mac) {
}
if(!(fd = fopen("/proc/net/arp", "r"))) {
traceEvent(TRACE_ERROR, "Could not open arp table. [%d]: %s", errno, strerror(errno));
traceEvent(TRACE_WARNING, "could not open arp table: %d - %s", errno, strerror(errno));
return buf;
}
@ -1747,7 +1747,7 @@ static void readFromMgmtSocket (n2n_edge_t *eee, int *keep_running) {
(struct sockaddr *) &sender_sock, (socklen_t *) &i);
if(recvlen < 0) {
traceEvent(TRACE_ERROR, "mgmt recvfrom failed with %s", strerror(errno));
traceEvent(TRACE_WARNING, "mgmt recvfrom failed: %d - %s", errno, strerror(errno));
return; /* failed to receive data from UDP */
}
@ -1769,7 +1769,7 @@ static void readFromMgmtSocket (n2n_edge_t *eee, int *keep_running) {
}
if(0 == memcmp(udp_buf, "stop", 4)) {
traceEvent(TRACE_ERROR, "stop command received.");
traceEvent(TRACE_NORMAL, "stop command received");
*keep_running = 0;
return;
}
@ -1778,7 +1778,7 @@ static void readFromMgmtSocket (n2n_edge_t *eee, int *keep_running) {
msg_len = 0;
setTraceLevel(getTraceLevel() + 1);
traceEvent(TRACE_ERROR, "+verb traceLevel=%u", (unsigned int) getTraceLevel());
traceEvent(TRACE_NORMAL, "+verb traceLevel=%u", (unsigned int) getTraceLevel());
msg_len += snprintf((char *) (udp_buf + msg_len), (N2N_PKT_BUF_SIZE - msg_len),
"> +OK traceLevel=%u\n", (unsigned int) getTraceLevel());
@ -1800,14 +1800,14 @@ static void readFromMgmtSocket (n2n_edge_t *eee, int *keep_running) {
"> -NOK traceLevel=%u\n", getTraceLevel());
}
traceEvent(TRACE_ERROR, "-verb traceLevel=%u", (unsigned int) getTraceLevel());
traceEvent(TRACE_NORMAL, "-verb traceLevel=%u", (unsigned int) getTraceLevel());
sendto(eee->udp_mgmt_sock, udp_buf, msg_len, 0/*flags*/,
(struct sockaddr *) &sender_sock, sizeof(struct sockaddr_in));
return;
}
traceEvent(TRACE_DEBUG, "mgmt status rq");
traceEvent(TRACE_DEBUG, "mgmt status requested");
msg_len = 0;
msg_len += snprintf((char *) (udp_buf + msg_len), (N2N_PKT_BUF_SIZE - msg_len),
@ -1979,12 +1979,12 @@ static int find_peer_destination (n2n_edge_t * eee,
time_t now = time(NULL);
if(is_multi_broadcast(mac_address)) {
traceEvent(TRACE_DEBUG, "Multicast or broadcast destination peer, using supernode");
traceEvent(TRACE_DEBUG, "multicast or broadcast destination peer, using supernode");
memcpy(destination, &(eee->curr_sn->sock), sizeof(struct sockaddr_in));
return(0);
}
traceEvent(TRACE_DEBUG, "Searching destination peer for MAC %s",
traceEvent(TRACE_DEBUG, "searching destination socket for %s",
macaddr_str(mac_buf, mac_address));
HASH_FIND_PEER(eee->known_peers, mac_address, scan);
@ -1993,7 +1993,7 @@ static int find_peer_destination (n2n_edge_t * eee,
if((now - scan->last_p2p) >= (scan->timeout / 2)) {
/* Too much time passed since we saw the peer, need to register again
* since the peer address may have changed. */
traceEvent(TRACE_DEBUG, "Refreshing idle known peer");
traceEvent(TRACE_DEBUG, "refreshing idle known peer");
HASH_DEL(eee->known_peers, scan);
free(scan);
/* NOTE: registration will be performed upon the receival of the next response packet */
@ -2006,13 +2006,13 @@ static int find_peer_destination (n2n_edge_t * eee,
if(retval == 0) {
memcpy(destination, &(eee->curr_sn->sock), sizeof(struct sockaddr_in));
traceEvent(TRACE_DEBUG, "P2P Peer [MAC=%s] not found, using supernode",
traceEvent(TRACE_DEBUG, "p2p peer %s not found, using supernode",
macaddr_str(mac_buf, mac_address));
check_query_peer_info(eee, now, mac_address);
}
traceEvent(TRACE_DEBUG, "find_peer_address (%s) -> [%s]",
traceEvent(TRACE_DEBUG, "found peer's socket %s [%s]",
macaddr_str(mac_buf, mac_address),
sock_to_cstr(sockbuf, destination));
@ -2039,9 +2039,9 @@ static int send_packet (n2n_edge_t * eee,
is_p2p = find_peer_destination(eee, dstMac, &destination);
traceEvent(TRACE_INFO, "Tx PACKET to %s (dest=%s) [%u B]",
sock_to_cstr(sockbuf, &destination),
macaddr_str(mac_buf, dstMac), pktlen);
traceEvent(TRACE_INFO, "Tx PACKET of %u bytes to %s [%s]",
pktlen, macaddr_str(mac_buf, dstMac),
sock_to_cstr(sockbuf, &destination));
if(is_p2p)
++(eee->stats.tx_p2p);
@ -2092,7 +2092,7 @@ void edge_send_packet2net (n2n_edge_t * eee,
/* Note: all elements of the_ip are in network order */
if(*src != eee->device.ip_addr) {
/* This is a packet that needs to be routed */
traceEvent(TRACE_INFO, "Discarding routed packet [%s]",
traceEvent(TRACE_INFO, "discarding routed packet destined to [%s]",
intoa(ntohl(*src), ip_buf, sizeof(ip_buf)));
return;
} else {
@ -2180,7 +2180,7 @@ void edge_send_packet2net (n2n_edge_t * eee,
pktbuf + idx, N2N_PKT_BUF_SIZE - idx,
tap_pkt, len, pkt.dstMac);
traceEvent(TRACE_DEBUG, "Encode %u B PACKET [%u B data, %u B overhead] transform %u",
traceEvent(TRACE_DEBUG, "encode PACKET of %u bytes, %u bytes data, %u bytes overhead, transform %u",
(u_int)idx, (u_int)len, (u_int)(idx - len), tx_transop_idx);
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED)
@ -2230,13 +2230,13 @@ void edge_read_from_tap (n2n_edge_t * eee) {
);
} else {
const uint8_t * mac = eth_pkt;
traceEvent(TRACE_DEBUG, "### Rx TAP packet (%4d) for %s",
traceEvent(TRACE_DEBUG, "Rx TAP packet (%4d) for %s",
(signed int)len, macaddr_str(mac_buf, mac));
if(eee->conf.drop_multicast &&
(is_ip6_discovery(eth_pkt, len) ||
is_ethMulticast(eth_pkt, len))) {
traceEvent(TRACE_INFO, "Dropping TX multicast");
traceEvent(TRACE_INFO, "dropping Tx multicast");
} else {
if(!eee->last_sup) {
// drop packets before first registration with supernode
@ -2247,7 +2247,7 @@ void edge_read_from_tap (n2n_edge_t * eee) {
if(eee->network_traffic_filter) {
if(eee->network_traffic_filter->filter_packet_from_tap(eee->network_traffic_filter, eee, eth_pkt,
len) == N2N_DROP) {
traceEvent(TRACE_DEBUG, "Filtered packet %u", (unsigned int)len);
traceEvent(TRACE_DEBUG, "filtered packet of size %u", (unsigned int)len);
return;
}
}
@ -2255,7 +2255,7 @@ void edge_read_from_tap (n2n_edge_t * eee) {
if(eee->cb.packet_from_tap) {
uint16_t tmp_len = len;
if(eee->cb.packet_from_tap(eee, eth_pkt, &tmp_len) == N2N_DROP) {
traceEvent(TRACE_DEBUG, "DROP packet %u", (unsigned int)len);
traceEvent(TRACE_DEBUG, "DROP packet of size %u", (unsigned int)len);
return;
}
len = tmp_len;
@ -2311,7 +2311,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
via_multicast = (in_sock == eee->udp_multicast_sock);
traceEvent(TRACE_DEBUG, "### Rx N2N UDP (%d) from %s",
traceEvent(TRACE_DEBUG, "Rx N2N_UDP of size %d from [%s]",
(signed int)udp_size, sock_to_cstr(sockbuf1, &sender));
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
@ -2335,7 +2335,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
&stamp);
}
if(!header_enc) {
traceEvent(TRACE_DEBUG, "readFromIPSocket failed to decrypt header.");
traceEvent(TRACE_DEBUG, "failed to decrypt header");
return;
}
// time stamp verification follows in the packet specific section as it requires to determine the
@ -2350,7 +2350,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
// from some other edge on local network, possibly header encrypted
traceEvent(TRACE_DEBUG, "dropped packet arriving via multicast due to error while decoding N2N_UDP");
} else {
traceEvent(TRACE_WARNING, "failed to decode common section in N2N_UDP");
traceEvent(TRACE_INFO, "failed to decode common section in N2N_UDP");
}
return; /* failed to decode packet */
}
@ -2363,7 +2363,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
&& (msg_type != MSG_TYPE_REGISTER_SUPER_ACK)
&& (msg_type != MSG_TYPE_REGISTER_SUPER_NAK)) {
if(header_enc != 2) {
traceEvent(TRACE_WARNING, "process_udp dropped packet encrypted with static key where dynamic key expected.");
traceEvent(TRACE_INFO, "dropped packet encrypted with static key where dynamic key expected");
return;
}
}
@ -2374,7 +2374,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
skip_add = SN_ADD_SKIP;
sn = add_sn_to_list_by_mac_or_sock (&(eee->conf.supernodes), &sender, null_mac, &skip_add);
if(!sn) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped incoming data from unknown supernode.");
traceEvent(TRACE_DEBUG, "dropped incoming data from unknown supernode");
return;
}
}
@ -2389,14 +2389,14 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, pkt.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped PACKET due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped PACKET due to time stamp error");
return;
}
}
if(!eee->last_sup) {
// drop packets received before first registration with supernode
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped PACKET recevied before first registration with supernode.");
traceEvent(TRACE_DEBUG, "dropped PACKET recevied before first registration with supernode");
return;
}
@ -2409,13 +2409,14 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
* a valid channel. We still use check_peer_registration_needed in
* handle_PACKET to double check this.
*/
traceEvent(TRACE_DEBUG, "Got P2P packet");
traceEvent(TRACE_DEBUG, "[P2P] Rx data from %s [%u B]", sock_to_cstr(sockbuf1, &sender), udp_size);
traceEvent(TRACE_DEBUG, "[p2p] from %s",
macaddr_str(mac_buf1, pkt.srcMac));
find_and_remove_peer(&eee->pending_peers, pkt.srcMac);
} else {
/* [PsP] : edge Peer->Supernode->edge Peer */
traceEvent(TRACE_DEBUG, "[PsP] Rx data from %s (Via=%s) [%u B]",
sock_to_cstr(sockbuf2, orig_sender), sock_to_cstr(sockbuf1, &sender), udp_size);
traceEvent(TRACE_DEBUG, "[pSp] from %s via [%s]",
macaddr_str(mac_buf1, pkt.srcMac),
sock_to_cstr(sockbuf1, &sender));
}
/* Update the sender in peer table entry */
@ -2437,7 +2438,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, reg.srcMac, stamp,
via_multicast ? TIME_STAMP_ALLOW_JITTER : TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER due to time stamp error");
return;
}
}
@ -2446,12 +2447,12 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
orig_sender = &(reg.sock);
if(via_multicast && !memcmp(reg.srcMac, eee->device.mac_addr, N2N_MAC_SIZE)) {
traceEvent(TRACE_DEBUG, "Skipping REGISTER from self");
traceEvent(TRACE_DEBUG, "skipping REGISTER from self");
break;
}
if(!via_multicast && memcmp(reg.dstMac, eee->device.mac_addr, N2N_MAC_SIZE)) {
traceEvent(TRACE_DEBUG, "Skipping REGISTER for other peer");
traceEvent(TRACE_DEBUG, "skipping REGISTER for other peer");
break;
}
@ -2461,16 +2462,17 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
* a valid channel. We still use check_peer_registration_needed below
* to double check this.
*/
traceEvent(TRACE_DEBUG, "Got P2P register");
traceEvent(TRACE_INFO, "[P2P] Rx REGISTER from %s", sock_to_cstr(sockbuf1, &sender));
traceEvent(TRACE_INFO, "[p2p] Rx REGISTER from %s [%s]",
macaddr_str(mac_buf1, reg.srcMac),
sock_to_cstr(sockbuf1, &sender));
find_and_remove_peer(&eee->pending_peers, reg.srcMac);
/* NOTE: only ACK to peers */
send_register_ack(eee, orig_sender, &reg);
} else {
traceEvent(TRACE_INFO, "[PsP] Rx REGISTER src=%s dst=%s from sn=%s (edge:%s)",
macaddr_str(mac_buf1, reg.srcMac), macaddr_str(mac_buf2, reg.dstMac),
sock_to_cstr(sockbuf1, &sender), sock_to_cstr(sockbuf2, orig_sender));
traceEvent(TRACE_INFO, "[pSp] Rx REGISTER from %s [%s] to %s via [%s]",
macaddr_str(mac_buf1, reg.srcMac), sock_to_cstr(sockbuf2, orig_sender),
macaddr_str(mac_buf2, reg.dstMac), sock_to_cstr(sockbuf1, &sender));
}
check_peer_registration_needed(eee, from_supernode, via_multicast,
@ -2486,7 +2488,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_ACK due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_ACK due to time stamp error");
return;
}
}
@ -2494,11 +2496,11 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(is_valid_peer_sock(&ra.sock))
orig_sender = &(ra.sock);
traceEvent(TRACE_INFO, "Rx REGISTER_ACK src=%s dst=%s from peer %s (%s)",
traceEvent(TRACE_INFO, "Rx REGISTER_ACK from %s [%s] to %s via [%s]",
macaddr_str(mac_buf1, ra.srcMac),
sock_to_cstr(sockbuf2, orig_sender),
macaddr_str(mac_buf2, ra.dstMac),
sock_to_cstr(sockbuf1, &sender),
sock_to_cstr(sockbuf2, orig_sender));
sock_to_cstr(sockbuf1, &sender));
peer_set_p2p_confirmed(eee, ra.srcMac, &sender, now);
break;
@ -2514,7 +2516,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
int skip_add;
if(!(eee->sn_wait)) {
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_ACK with no outstanding REGISTER_SUPER.");
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_ACK with no outstanding REGISTER_SUPER");
return;
}
@ -2523,7 +2525,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, ra.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_SUPER_ACK due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER_ACK due to time stamp error");
return;
}
}
@ -2532,20 +2534,20 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.shared_secret) {
speck_128_encrypt(hash_buf, (speck_context_t*)eee->conf.shared_secret_ctx);
if(memcmp(hash_buf, udp_buf + udp_size - N2N_REG_SUP_HASH_CHECK_LEN /* length is has already been checked */, N2N_REG_SUP_HASH_CHECK_LEN)) {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong hash.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong hash");
return;
}
}
if(memcmp(ra.cookie, eee->curr_sn->last_cookie, N2N_COOKIE_SIZE)) {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie");
return;
}
if(handle_remote_auth(eee, sn, &(ra.auth))) {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old response to challenge.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old response to challenge");
if(eee->conf.shared_secret) {
traceEvent(TRACE_NORMAL, "Rx REGISTER_SUPER_ACK with wrong or old response to challenge, maybe indicating wrong federation public key (-P).");
traceEvent(TRACE_NORMAL, "Rx REGISTER_SUPER_ACK with wrong or old response to challenge, maybe indicating wrong federation public key (-P)");
}
return;
}
@ -2553,7 +2555,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(is_valid_peer_sock(&ra.sock))
orig_sender = &(ra.sock);
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from MAC %s [%s] (external %s). Attempts %u",
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK from %s [%s] (external %s) with %u attempts left",
macaddr_str(mac_buf1, ra.srcMac),
sock_to_cstr(sockbuf1, &sender),
sock_to_cstr(sockbuf2, orig_sender),
@ -2582,7 +2584,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
}
sn_selection_criterion_default(&(sn->selection_criterion));
sn->last_seen = 0; /* as opposed to payload handling in supernode */
traceEvent(TRACE_NORMAL, "Supernode '%s' added to the list of supernodes.", sn->ip_addr);
traceEvent(TRACE_NORMAL, "supernode '%s' added to the list of supernodes.", sn->ip_addr);
}
// shift to next payload entry
payload++;
@ -2603,8 +2605,8 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
// still null_mac) this allows reliable in/out PACKET drop if not really registered with a supernode yet
if(!is_null_mac(eee->device.mac_addr)) {
if(!eee->last_sup) {
// indicates successful connection between the edge and a supernode
traceEvent(TRACE_NORMAL, "[OK] Edge Peer <<< ================ >>> Super Node");
// indicates first successful connection between the edge and a supernode
traceEvent(TRACE_NORMAL, "[OK] edge <<< ================ >>> supernode");
// send gratuitous ARP only upon first registration with supernode
send_grat_arps(eee);
}
@ -2630,7 +2632,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(!(eee->sn_wait)) {
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_NAK with no outstanding REGISTER_SUPER.");
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_NAK with no outstanding REGISTER_SUPER");
return;
}
@ -2639,13 +2641,13 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, nak.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped REGISTER_SUPER_NAK due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER_NAK due to time stamp error");
return;
}
}
if(memcmp(nak.cookie, eee->curr_sn->last_cookie, N2N_COOKIE_SIZE)) {
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_NAK with wrong or old cookie.");
traceEvent(TRACE_DEBUG, "Rx REGISTER_SUPER_NAK with wrong or old cookie");
return;
}
@ -2657,9 +2659,9 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if((memcmp(nak.srcMac, eee->device.mac_addr, sizeof(n2n_mac_t))) == 0) {
if(eee->conf.shared_secret) {
traceEvent(TRACE_ERROR, "Authentication error. username or password not recognized by supernode.");
traceEvent(TRACE_ERROR, "authentication error, username or password not recognized by supernode");
} else {
traceEvent(TRACE_ERROR, "Authentication error. MAC or IP address already in use or not released yet by supernode.");
traceEvent(TRACE_ERROR, "authentication error, MAC or IP address already in use or not released yet by supernode");
}
// REVISIT: the following portion is too harsh, repeated error warning should be sufficient until it eventually is resolved,
// preventing de-auth attacks
@ -2687,15 +2689,15 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, null_mac, stamp, TIME_STAMP_ALLOW_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped PEER_INFO due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped PEER_INFO due to time stamp error");
return;
}
}
if(!is_valid_peer_sock(&pi.sock)) {
traceEvent(TRACE_DEBUG, "Skip invalid PEER_INFO %s [%s]",
sock_to_cstr(sockbuf1, &pi.sock),
macaddr_str(mac_buf1, pi.mac));
traceEvent(TRACE_DEBUG, "skip invalid PEER_INFO from %s [%s]",
macaddr_str(mac_buf1, pi.mac),
sock_to_cstr(sockbuf1, &pi.sock));
break;
}
@ -2708,7 +2710,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
scan->last_seen = now;
/* The data type depends on the actual selection strategy that has been chosen. */
sn_selection_criterion_calculate(eee, scan, &pi.data);
traceEvent(TRACE_INFO, "Rx PONG from supernode '%s'",
traceEvent(TRACE_INFO, "Rx PONG from supernode %s",
macaddr_str(mac_buf1, pi.srcMac));
break;
@ -2719,7 +2721,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(scan) {
scan->sock = pi.sock;
traceEvent(TRACE_INFO, "Rx PEER_INFO for %s: is at %s",
traceEvent(TRACE_INFO, "Rx PEER_INFO %s can be found at [%s]",
macaddr_str(mac_buf1, pi.mac),
sock_to_cstr(sockbuf1, &pi.sock));
@ -2737,7 +2739,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
if(eee->conf.header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_peer_time_stamp_and_verify(eee, sn, null_mac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "readFromIPSocket dropped RE_REGISTER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped RE_REGISTER due to time stamp error");
return;
}
}
@ -2746,7 +2748,7 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
// key is required for continous traffic flow, in other modes edge will realize
// changes with regular recurring REGISTER_SUPER
if(!eee->conf.shared_secret) {
traceEvent(TRACE_DEBUG, "readFromIPScoket dropped RE_REGISTER_SUPER as not in user/pw auth mode.");
traceEvent(TRACE_DEBUG, "dropped RE_REGISTER_SUPER as not in user/pw auth mode");
return;
}
@ -2759,13 +2761,13 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
default:
/* Not a known message type */
traceEvent(TRACE_WARNING, "Unable to handle packet type %d: ignored", (signed int)msg_type);
traceEvent(TRACE_WARNING, "unable to handle packet type %d: ignored", (signed int)msg_type);
return;
} /* switch(msg_type) */
} else if(from_supernode) /* if(community match) */
traceEvent(TRACE_WARNING, "Received packet with unknown community");
traceEvent(TRACE_WARNING, "received packet with unknown community");
else
traceEvent(TRACE_INFO, "Ignoring packet with unknown community");
traceEvent(TRACE_INFO, "ignoring packet with unknown community");
}
@ -2794,9 +2796,9 @@ int fetch_and_eventually_process_data (n2n_edge_t *eee, SOCKET sock,
) {
/* For UDP bread of zero just means no data (unlike TCP). */
/* The fd is no good now. Maybe we lost our interface. */
traceEvent(TRACE_ERROR, "fetch_and_eventually_process_data's recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno));
traceEvent(TRACE_ERROR, "recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno));
#ifdef WIN32
traceEvent(TRACE_ERROR, "fetch_and_eventually_process_data's WSAGetLastError(): %u", WSAGetLastError());
traceEvent(TRACE_ERROR, "WSAGetLastError(): %u", WSAGetLastError());
#endif
return -1;
}
@ -2817,13 +2819,13 @@ int fetch_and_eventually_process_data (n2n_edge_t *eee, SOCKET sock,
pktbuf + *position, *expected - *position, 0 /*flags*/,
(struct sockaddr *)&sender_sock, (socklen_t *)&i);
if((bread <= 0) && (errno)) {
traceEvent(TRACE_ERROR, "fetch_and_eventually_process_data's recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno));
traceEvent(TRACE_ERROR, "recvfrom() failed %d errno %d (%s)", bread, errno, strerror(errno));
#ifdef WIN32
traceEvent(TRACE_ERROR, "fetch_and_eventually_process_data's WSAGetLastError(): %u", WSAGetLastError());
traceEvent(TRACE_ERROR, "WSAGetLastError(): %u", WSAGetLastError());
#endif
supernode_disconnect(eee);
eee->sn_wait = 1;
traceEvent(TRACE_DEBUG, "fetch_and_eventually_process_data disconnected supernode due to connection error");
traceEvent(TRACE_DEBUG, "disconnected supernode due to connection error");
goto tcp_done;
}
*position = *position + bread;
@ -2835,7 +2837,7 @@ int fetch_and_eventually_process_data (n2n_edge_t *eee, SOCKET sock,
if(*expected > N2N_PKT_BUF_SIZE) {
supernode_disconnect(eee);
eee->sn_wait = 1;
traceEvent(TRACE_DEBUG, "run_edge_loop disconnected supernode due to too many bytes expected");
traceEvent(TRACE_DEBUG, "disconnected supernode due to too many bytes expected");
goto tcp_done;
}
} else {
@ -3018,7 +3020,7 @@ int run_edge_loop (n2n_edge_t *eee, int *keep_running) {
((now - lastIfaceCheck) > IFACE_UPDATE_INTERVAL)) {
uint32_t old_ip = eee->device.ip_addr;
traceEvent(TRACE_NORMAL, "Re-checking dynamic IP address.");
traceEvent(TRACE_NORMAL, "re-checking dynamic IP address");
tuntap_get_address(&(eee->device));
lastIfaceCheck = now;
@ -3093,7 +3095,7 @@ static int edge_init_sockets (n2n_edge_t *eee) {
eee->udp_mgmt_sock = open_socket(eee->conf.mgmt_port, 0 /* bind LOOPBACK */, 0, 0 /* UDP */);
if(eee->udp_mgmt_sock < 0) {
traceEvent(TRACE_ERROR, "Failed to bind management UDP port %u", eee->conf.mgmt_port);
traceEvent(TRACE_ERROR, "failed to bind management UDP port %u", eee->conf.mgmt_port);
return(-2);
}
@ -3386,12 +3388,12 @@ static int edge_init_routes_linux (n2n_edge_t *eee, n2n_route_t *routes, uint16_
uint32_t *a;
if(eee->sn_route_to_clean) {
traceEvent(TRACE_ERROR, "Only one default gateway route allowed");
traceEvent(TRACE_ERROR, "only one default gateway route allowed");
return(-1);
}
if(eee->conf.sn_num != 1) {
traceEvent(TRACE_ERROR, "Only one supernode supported with routes");
traceEvent(TRACE_ERROR, "only one supernode supported with routes");
return(-1);
}
@ -3399,7 +3401,7 @@ static int edge_init_routes_linux (n2n_edge_t *eee, n2n_route_t *routes, uint16_
return(-1);
if(sn.family != AF_INET) {
traceEvent(TRACE_ERROR, "Only IPv4 routes supported");
traceEvent(TRACE_ERROR, "only IPv4 routes supported");
return(-1);
}
@ -3465,7 +3467,16 @@ static int edge_init_routes_win (n2n_edge_t *eee, n2n_route_t *routes, uint16_t
for(i = 0; i < num_routes; i++) {
n2n_route_t *route = &routes[i];
if((route->net_addr == 0) && (route->net_bitlen == 0)) {
traceEvent(TRACE_NORMAL, "Warning: The 0.0.0.0/0 route settings are not supported on Windows");
// REVISIT: there might be a chance to get it working on Windows following the hints at
// https://docs.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipinterface_row
//
// " The DisableDefaultRoutes member of the MIB_IPINTERFACE_ROW structure can be used to disable
// using the default route on an interface. This member can be used as a security measure by
// VPN clients to restrict split tunneling when split tunneling is not required by the VPN client.
// A VPN client can call the SetIpInterfaceEntry function to set the DisableDefaultRoutes member
// to TRUE when required. A VPN client can query the current state of the DisableDefaultRoutes
// member by calling the GetIpInterfaceEntry function. "
traceEvent(TRACE_WARNING, "the 0.0.0.0/0 route settings are not supported on Windows");
return(-1);
} else {
/* ip route add net via n2n_gateway */
@ -3581,7 +3592,7 @@ int edge_conf_add_supernode (n2n_edge_conf_t *conf, const char *ip_and_port) {
rv = supernode2sock(sock, ip_and_port);
if(rv < -2) { /* we accept resolver failure as it might resolve later */
traceEvent(TRACE_WARNING, "Invalid supernode parameter.");
traceEvent(TRACE_WARNING, "invalid supernode parameter.");
free(sock);
return 1;
}
@ -3602,7 +3613,7 @@ int edge_conf_add_supernode (n2n_edge_conf_t *conf, const char *ip_and_port) {
free(sock);
traceEvent(TRACE_NORMAL, "Adding supernode = %s", sn->ip_addr);
traceEvent(TRACE_NORMAL, "adding supernode = %s", sn->ip_addr);
conf->sn_num++;
return 0;

52
src/sn.c
View File

@ -164,7 +164,7 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
sss->lport = atoi(_optarg);
if(sss->lport == 0)
traceEvent(TRACE_WARNING, "Bad local port format, defaulting to %u", N2N_SN_LPORT_DEFAULT);
traceEvent(TRACE_WARNING, "bad local port format, defaulting to %u", N2N_SN_LPORT_DEFAULT);
// default is made sure in sn_init()
break;
@ -173,7 +173,7 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
sss->mport = atoi(_optarg);
if(sss->mport == 0)
traceEvent(TRACE_WARNING, "Bad management port format, defaulting to %u", N2N_SN_MGMT_PORT);
traceEvent(TRACE_WARNING, "bad management port format, defaulting to %u", N2N_SN_MGMT_PORT);
// default is made sure in sn_init()
break;
@ -188,12 +188,12 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
length = strlen(_optarg);
if(length >= N2N_EDGE_SN_HOST_SIZE) {
traceEvent(TRACE_WARNING, "Size of -l argument too long: %zu. Maximum size is %d", length, N2N_EDGE_SN_HOST_SIZE);
traceEvent(TRACE_WARNING, "size of -l argument too long: %zu; maximum size is %d", length, N2N_EDGE_SN_HOST_SIZE);
return 1;
}
if(!double_column) {
traceEvent(TRACE_WARNING, "Invalid -l format: missing port");
traceEvent(TRACE_WARNING, "invalid -l format, missing port");
return 1;
}
@ -201,7 +201,7 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
rv = supernode2sock(socket, _optarg);
if(rv < -2) { /* we accept resolver failure as it might resolve later */
traceEvent(TRACE_WARNING, "Invalid supernode parameter.");
traceEvent(TRACE_WARNING, "invalid supernode parameter");
free(socket);
return 1;
}
@ -234,7 +234,7 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
uint32_t mask;
if(sscanf(_optarg, "%15[^\\-]-%15[^/]/%hhu", ip_min_str, ip_max_str, &bitlen) != 3) {
traceEvent(TRACE_WARNING, "Bad net-net/bit format '%s'.", _optarg);
traceEvent(TRACE_WARNING, "bad net-net/bit format '%s'.", _optarg);
return 2;
}
@ -245,20 +245,20 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
|| (net_max == (in_addr_t)(-1)) || (net_max == INADDR_NONE) || (net_max == INADDR_ANY)
|| (ntohl(net_min) > ntohl(net_max))
|| ((ntohl(net_min) & ~mask) != 0) || ((ntohl(net_max) & ~mask) != 0)) {
traceEvent(TRACE_WARNING, "Bad network range '%s...%s/%u' in '%s', defaulting to '%s...%s/%d'",
traceEvent(TRACE_WARNING, "bad network range '%s...%s/%u' in '%s', defaulting to '%s...%s/%d'",
ip_min_str, ip_max_str, bitlen, _optarg,
N2N_SN_MIN_AUTO_IP_NET_DEFAULT, N2N_SN_MAX_AUTO_IP_NET_DEFAULT, N2N_SN_AUTO_IP_NET_BIT_DEFAULT);
return 2;
}
if((bitlen > 30) || (bitlen == 0)) {
traceEvent(TRACE_WARNING, "Bad prefix '%hhu' in '%s', defaulting to '%s...%s/%d'",
traceEvent(TRACE_WARNING, "bad prefix '%hhu' in '%s', defaulting to '%s...%s/%d'",
bitlen, _optarg,
N2N_SN_MIN_AUTO_IP_NET_DEFAULT, N2N_SN_MAX_AUTO_IP_NET_DEFAULT, N2N_SN_AUTO_IP_NET_BIT_DEFAULT);
return 2;
}
traceEvent(TRACE_NORMAL, "The network range for community ip address service is '%s...%s/%hhu'.", ip_min_str, ip_max_str, bitlen);
traceEvent(TRACE_NORMAL, "the network range for community ip address service is '%s...%s/%hhu'", ip_min_str, ip_max_str, bitlen);
sss->min_auto_ip_net.net_addr = ntohl(net_min);
sss->min_auto_ip_net.net_bitlen = bitlen;
@ -311,7 +311,7 @@ static int setOption (int optkey, char *_optarg, n2n_sn_t *sss) {
break;
default:
traceEvent(TRACE_WARNING, "Unknown option -%c:", (char) optkey);
traceEvent(TRACE_WARNING, "unknown option -%c:", (char) optkey);
return 2;
}
@ -400,7 +400,7 @@ static int loadFromFile (const char *path, n2n_sn_t *sss) {
fd = fopen(path, "r");
if(fd == NULL) {
traceEvent(TRACE_WARNING, "Config file %s not found", path);
traceEvent(TRACE_WARNING, "config file %s not found", path);
return -1;
}
@ -445,7 +445,7 @@ static int add_federation_to_communities (n2n_sn_t *sss) {
num_communities = HASH_COUNT(sss->communities);
traceEvent(TRACE_INFO, "Added federation '%s' to the list of communities [total: %u]",
traceEvent(TRACE_INFO, "added federation '%s' to the list of communities [total: %u]",
(char*)sss->federation->community, num_communities);
}
@ -466,7 +466,7 @@ static void dump_registrations (int signo) {
traceEvent(TRACE_NORMAL, "====================================");
HASH_ITER(hh, sss_node.communities, comm, ctmp) {
traceEvent(TRACE_NORMAL, "Dumping community: %s", comm->community);
traceEvent(TRACE_NORMAL, "dumping community: %s", comm->community);
HASH_ITER(hh, comm->edges, list, tmp) {
if(list->sock.family == AF_INET) {
@ -501,10 +501,10 @@ BOOL WINAPI term_handler (DWORD sig)
static int called = 0;
if(called) {
traceEvent(TRACE_NORMAL, "Ok I am leaving now");
traceEvent(TRACE_NORMAL, "ok, I am leaving now");
_exit(0);
} else {
traceEvent(TRACE_NORMAL, "Shutting down...");
traceEvent(TRACE_NORMAL, "shutting down...");
called = 1;
}
@ -558,7 +558,7 @@ int main (int argc, char * const argv[]) {
setUseSyslog(1); /* traceEvent output now goes to syslog. */
if(-1 == daemon(0, 0)) {
traceEvent(TRACE_ERROR, "Failed to become daemon.");
traceEvent(TRACE_ERROR, "failed to become daemon");
exit(-5);
}
}
@ -566,11 +566,11 @@ int main (int argc, char * const argv[]) {
// warn on default federation name
if(!strcmp(sss_node.federation->community, FEDERATION_NAME)) {
traceEvent(TRACE_WARNING, "Using default federation name. FOR TESTING ONLY, usage of a custom federation name (-F) is highly recommended!");
traceEvent(TRACE_WARNING, "using default federation name; FOR TESTING ONLY, usage of a custom federation name (-F) is highly recommended!");
}
if(sss_node.override_spoofing_protection) {
traceEvent(TRACE_WARNING, "Disabled MAC and IP address spoofing protection. FOR TESTING ONLY, usage of user-password authentication (-I, -J, -P) recommended instead!");
traceEvent(TRACE_WARNING, "disabled MAC and IP address spoofing protection; FOR TESTING ONLY, usage of user-password authentication (-I, -J, -P) recommended instead!");
}
calculate_shared_secrets(&sss_node);
@ -579,7 +579,7 @@ int main (int argc, char * const argv[]) {
sss_node.sock = open_socket(sss_node.lport, 1 /*bind ANY*/, 0, 0 /* UDP */);
if(-1 == sss_node.sock) {
traceEvent(TRACE_ERROR, "Failed to open main socket. %s", strerror(errno));
traceEvent(TRACE_ERROR, "failed to open main socket. %s", strerror(errno));
exit(-2);
} else {
traceEvent(TRACE_NORMAL, "supernode is listening on UDP %u (main)", sss_node.lport);
@ -588,14 +588,14 @@ int main (int argc, char * const argv[]) {
#ifdef N2N_HAVE_TCP
sss_node.tcp_sock = open_socket(sss_node.lport, 1 /*bind ANY*/, 0, 1 /* TCP */);
if(-1 == sss_node.tcp_sock) {
traceEvent(TRACE_ERROR, "Failed to open auxiliary TCP socket. %s", strerror(errno));
traceEvent(TRACE_ERROR, "failed to open auxiliary TCP socket, %s", strerror(errno));
exit(-2);
} else {
traceEvent(TRACE_NORMAL, "supernode opened TCP %u (aux)", sss_node.lport);
}
if(-1 == listen(sss_node.tcp_sock, N2N_TCP_BACKLOG_QUEUE_SIZE)) {
traceEvent(TRACE_ERROR, "Failed to listen on auxiliary TCP socket. %s", strerror(errno));
traceEvent(TRACE_ERROR, "failed to listen on auxiliary TCP socket, %s", strerror(errno));
exit(-2);
} else {
traceEvent(TRACE_NORMAL, "supernode is listening on TCP %u (aux)", sss_node.lport);
@ -604,7 +604,7 @@ int main (int argc, char * const argv[]) {
sss_node.mgmt_sock = open_socket(sss_node.mport, 0 /* bind LOOPBACK */, 0, 0 /* UDP */);
if(-1 == sss_node.mgmt_sock) {
traceEvent(TRACE_ERROR, "Failed to open management socket. %s", strerror(errno));
traceEvent(TRACE_ERROR, "failed to open management socket, %s", strerror(errno));
exit(-2);
} else {
traceEvent(TRACE_NORMAL, "supernode is listening on UDP %u (management)", sss_node.mport);
@ -619,24 +619,24 @@ int main (int argc, char * const argv[]) {
sss_node.groupid = sss_node.groupid == 0 ? pw->pw_gid : 0;
}
if((sss_node.userid != 0) || (sss_node.groupid != 0)) {
traceEvent(TRACE_NORMAL, "Dropping privileges to uid=%d, gid=%d",
traceEvent(TRACE_NORMAL, "dropping privileges to uid=%d, gid=%d",
(signed int)sss_node.userid, (signed int)sss_node.groupid);
/* Finished with the need for root privileges. Drop to unprivileged user. */
if((setgid(sss_node.groupid) != 0)
|| (setuid(sss_node.userid) != 0)) {
traceEvent(TRACE_ERROR, "Unable to drop privileges [%u/%s]", errno, strerror(errno));
traceEvent(TRACE_ERROR, "unable to drop privileges [%u/%s]", errno, strerror(errno));
exit(1);
}
}
if((getuid() == 0) || (getgid() == 0)) {
traceEvent(TRACE_WARNING, "Running as root is discouraged, check out the -u/-g options");
traceEvent(TRACE_WARNING, "running as root is discouraged, check out the -u/-g options");
}
#endif
if(resolve_create_thread(&(sss_node.resolve_parameter), sss_node.federation->edges) == 0) {
traceEvent(TRACE_NORMAL, "Successfully created resolver thread");
traceEvent(TRACE_NORMAL, "successfully created resolver thread");
}
traceEvent(TRACE_NORMAL, "supernode started");

150
src/sn_utils.c
View File

@ -340,7 +340,7 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
// common shared secret will be calculated later
// add to list
HASH_ADD(hh, last_added_comm->allowed_users, public_key, sizeof(n2n_private_public_key_t), user);
traceEvent(TRACE_INFO, "Added user '%s' with public key '%s' to community '%s'",
traceEvent(TRACE_INFO, "added user '%s' with public key '%s' to community '%s'",
user->name, ascii_public_key, last_added_comm->community);
// enable header encryption
last_added_comm->header_encryption = HEADER_ENCRYPTION_ENABLED;
@ -370,7 +370,7 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
re->rule = re_compile(cmn_str);
HASH_ADD_PTR(sss->rules, rule, re);
num_regex++;
traceEvent(TRACE_INFO, "Added regular expression for allowed communities '%s'", cmn_str);
traceEvent(TRACE_INFO, "added regular expression for allowed communities '%s'", cmn_str);
free(cmn_str);
last_added_comm = NULL;
continue;
@ -395,13 +395,13 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
last_added_comm = comm;
num_communities++;
traceEvent(TRACE_INFO, "Added allowed community '%s' [total: %u]",
traceEvent(TRACE_INFO, "added allowed community '%s' [total: %u]",
(char*)comm->community, num_communities);
// check for sub-network address
if(has_net) {
if(sscanf(net_str, "%15[^/]/%hhu", ip_str, &bitlen) != 2) {
traceEvent(TRACE_WARNING, "Bad net/bit format '%s' for community '%c', ignoring. See comments inside community.list file.",
traceEvent(TRACE_WARNING, "bad net/bit format '%s' for community '%c', ignoring; see comments inside community.list file",
net_str, cmn_str);
has_net = 0;
}
@ -409,12 +409,12 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
mask = bitlen2mask(bitlen);
if((net == (in_addr_t)(-1)) || (net == INADDR_NONE) || (net == INADDR_ANY)
|| ((ntohl(net) & ~mask) != 0)) {
traceEvent(TRACE_WARNING, "Bad network '%s/%u' in '%s' for community '%s', ignoring.",
traceEvent(TRACE_WARNING, "bad network '%s/%u' in '%s' for community '%s', ignoring",
ip_str, bitlen, net_str, cmn_str);
has_net = 0;
}
if((bitlen > 30) || (bitlen == 0)) {
traceEvent(TRACE_WARNING, "Bad prefix '%hhu' in '%s' for community '%s', ignoring.",
traceEvent(TRACE_WARNING, "bad prefix '%hhu' in '%s' for community '%s', ignoring",
bitlen, net_str, cmn_str);
has_net = 0;
}
@ -422,7 +422,7 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
if(has_net) {
comm->auto_ip_net.net_addr = ntohl(net);
comm->auto_ip_net.net_bitlen = bitlen;
traceEvent(TRACE_INFO, "Assigned sub-network %s/%u to community '%s'.",
traceEvent(TRACE_INFO, "assigned sub-network %s/%u to community '%s'",
inet_ntoa(*(struct in_addr *) &net),
comm->auto_ip_net.net_bitlen,
comm->community);
@ -436,14 +436,14 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
fclose(fd);
if((num_regex + num_communities) == 0) {
traceEvent(TRACE_WARNING, "File %s does not contain any valid community names or regular expressions", sss->community_file);
traceEvent(TRACE_WARNING, "file %s does not contain any valid community names or regular expressions", sss->community_file);
return -2;
}
traceEvent(TRACE_NORMAL, "Loaded %u fixed-name communities from %s",
traceEvent(TRACE_NORMAL, "loaded %u fixed-name communities from %s",
num_communities, sss->community_file);
traceEvent(TRACE_NORMAL, "Loaded %u regular expressions for community name matching from %s",
traceEvent(TRACE_NORMAL, "loaded %u regular expressions for community name matching from %s",
num_regex, sss->community_file);
// calculate allowed user's shared secrets (shared with federation)
@ -480,7 +480,7 @@ static ssize_t sendto_fd (n2n_sn_t *sss,
if((sent <= 0) && (errno)) {
char * c = strerror(errno);
traceEvent(TRACE_ERROR, "sendto_fd failed (%d) %s", errno, c);
traceEvent(TRACE_ERROR, "sendto failed (%d) %s", errno, c);
#ifdef WIN32
traceEvent(TRACE_ERROR, "WSAGetLastError(): %u", WSAGetLastError());
#endif
@ -492,7 +492,7 @@ static ssize_t sendto_fd (n2n_sn_t *sss,
return -1;
}
} else {
traceEvent(TRACE_DEBUG, "sendto_fd sent=%d to ", (signed int)sent);
traceEvent(TRACE_DEBUG, "sendto sent=%d to ", (signed int)sent);
}
return sent;
@ -564,7 +564,7 @@ static ssize_t sendto_peer (n2n_sn_t *sss,
struct sockaddr_in socket;
fill_sockaddr((struct sockaddr *)&socket, sizeof(socket), &(peer->sock));
traceEvent(TRACE_DEBUG, "sendto_peer %lu to [%s]",
traceEvent(TRACE_DEBUG, "sent %lu bytes to [%s]",
pktsize,
sock_to_cstr(sockbuf, &(peer->sock)));
@ -695,17 +695,17 @@ static int try_forward (n2n_sn_t * sss,
// check if target edge is associated with a certain supernode
HASH_FIND(hh, comm->assoc, dstMac, sizeof(n2n_mac_t), assoc);
if(assoc) {
traceEvent(TRACE_DEBUG, "try_forward found mac address associated with a known supernode, forwarding packet to that supernode");
traceEvent(TRACE_DEBUG, "found mac address associated with a known supernode, forwarding packet to that supernode");
sendto_sock(sss, sss->sock,
(const struct sockaddr*)&(assoc->sock),
pktbuf, pktsize);
} else {
// forwarding packet to all federated supernodes
traceEvent(TRACE_DEBUG, "try_forward sees unknown mac address, broadcasting packet to all federated supernodes");
traceEvent(TRACE_DEBUG, "unknown mac address, broadcasting packet to all federated supernodes");
try_broadcast(sss, NULL, cmn, sss->mac_addr, from_supernode, pktbuf, pktsize);
}
} else {
traceEvent(TRACE_DEBUG, "try_forward sees unknown mac address in packet from a supernode, dropping the packet");
traceEvent(TRACE_DEBUG, "unknown mac address in packet from a supernode, dropping the packet");
/* Not a known MAC so drop. */
return -2;
}
@ -1065,7 +1065,7 @@ static int update_edge (n2n_sn_t *sss,
HASH_ADD_PEER(comm->edges, scan);
traceEvent(TRACE_INFO, "update_edge created %s ==> %s",
traceEvent(TRACE_INFO, "created edge %s ==> %s",
macaddr_str(mac_buf, reg->edgeMac),
sock_to_cstr(sockbuf, sender_sock));
}
@ -1082,14 +1082,14 @@ static int update_edge (n2n_sn_t *sss,
scan->socket_fd = socket_fd;
memcpy(&(scan->last_cookie), reg->cookie, sizeof(N2N_COOKIE_SIZE));
traceEvent(TRACE_INFO, "update_edge updated %s ==> %s",
traceEvent(TRACE_INFO, "updated edge %s ==> %s",
macaddr_str(mac_buf, reg->edgeMac),
sock_to_cstr(sockbuf, sender_sock));
ret = update_edge_sock_change;
} else {
memcpy(&(scan->last_cookie), reg->cookie, sizeof(N2N_COOKIE_SIZE));
traceEvent(TRACE_DEBUG, "update_edge unchanged %s ==> %s",
traceEvent(TRACE_DEBUG, "edge unchanged %s ==> %s",
macaddr_str(mac_buf, reg->edgeMac),
sock_to_cstr(sockbuf, sender_sock));
@ -1181,10 +1181,10 @@ static int assign_one_ip_addr (struct sn_community *comm, n2n_desc_t dev_desc, n
}
if(success) {
traceEvent(TRACE_INFO, "Assign IP %s to tap adapter of edge.", ip_subnet_to_str(ip_bit_str, ip_addr));
traceEvent(TRACE_INFO, "assign IP %s to tap adapter of edge", ip_subnet_to_str(ip_bit_str, ip_addr));
return 0;
} else {
traceEvent(TRACE_WARNING, "No assignable IP to edge tap adapter.");
traceEvent(TRACE_WARNING, "no assignable IP to edge tap adapter");
return -1;
}
}
@ -1258,7 +1258,7 @@ int assign_one_ip_subnet (n2n_sn_t *sss,
comm->auto_ip_net.net_addr = net_id_i;
comm->auto_ip_net.net_bitlen = sss->min_auto_ip_net.net_bitlen;
net = htonl(comm->auto_ip_net.net_addr);
traceEvent(TRACE_INFO, "Assigned sub-network %s/%u to community '%s'.",
traceEvent(TRACE_INFO, "assigned sub-network %s/%u to community '%s'",
inet_ntoa(*(struct in_addr *) &net),
comm->auto_ip_net.net_bitlen,
comm->community);
@ -1266,7 +1266,7 @@ int assign_one_ip_subnet (n2n_sn_t *sss,
} else {
comm->auto_ip_net.net_addr = 0;
comm->auto_ip_net.net_bitlen = 0;
traceEvent(TRACE_WARNING, "No assignable sub-network left for community '%s'.",
traceEvent(TRACE_WARNING, "no assignable sub-network left for community '%s'",
comm->community);
return -1;
}
@ -1389,7 +1389,7 @@ static int purge_expired_communities (n2n_sn_t *sss,
return 0;
}
traceEvent(TRACE_DEBUG, "Purging old communities and edges");
traceEvent(TRACE_DEBUG, "purging old communities and edges");
HASH_ITER(hh, sss->communities, comm, tmp_comm) {
// federation is taken care of in re_register_and_purge_supernodes()
@ -1409,7 +1409,7 @@ static int purge_expired_communities (n2n_sn_t *sss,
}
if((comm->edges == NULL) && (comm->purgeable == COMMUNITY_PURGEABLE)) {
traceEvent(TRACE_INFO, "Purging idle community %s", comm->community);
traceEvent(TRACE_INFO, "purging idle community %s", comm->community);
if(NULL != comm->header_encryption_ctx_static) {
/* this should not happen as 'purgeable' and thus only communities w/o encrypted header here */
free(comm->header_encryption_ctx_static);
@ -1507,7 +1507,7 @@ static int process_mgmt (n2n_sn_t *sss,
sendto_mgmt(sss, sender_sock, (const uint8_t *) resbuf, ressize);
return 0; /* no status output afterwards */
}
traceEvent(TRACE_NORMAL, "process_mgmt sees 'reload_communities' command.");
traceEvent(TRACE_NORMAL, "'reload_communities' command");
if(load_allowed_sn_community(sss)) {
ressize += snprintf(resbuf + ressize, N2N_SN_PKTBUF_SIZE - ressize,
@ -1653,7 +1653,7 @@ static int process_udp (n2n_sn_t * sss,
int skip_add;
time_t any_time = 0;
traceEvent(TRACE_DEBUG, "Processing incoming UDP packet [len: %lu][sender: %s:%u]",
traceEvent(TRACE_DEBUG, "processing incoming UDP packet [len: %lu][sender: %s:%u]",
udp_size, intoa(ntohl(sender_sock->sin_addr.s_addr), buf, sizeof(buf)),
ntohs(sender_sock->sin_port));
@ -1661,7 +1661,7 @@ static int process_udp (n2n_sn_t * sss,
* it heavily relies on the structure of packet's common part
* changes to wire.c:encode/decode_common need to go together with this code */
if(udp_size < 24) {
traceEvent(TRACE_DEBUG, "process_udp dropped a packet too short to be valid.");
traceEvent(TRACE_DEBUG, "dropped a packet too short to be valid");
return -1;
}
if((udp_buf[23] == (uint8_t)0x00) // null terminated community name
@ -1675,14 +1675,14 @@ static int process_udp (n2n_sn_t * sss,
HASH_FIND_COMMUNITY(sss->communities, (char *)&udp_buf[04], comm);
if(comm) {
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
traceEvent(TRACE_DEBUG, "process_udp dropped a packet with unencrypted header "
"addressed to community '%s' which uses encrypted headers.",
traceEvent(TRACE_DEBUG, "dropped a packet with unencrypted header "
"addressed to community '%s' which uses encrypted headers",
comm->community);
return -1;
}
if(comm->header_encryption == HEADER_ENCRYPTION_UNKNOWN) {
traceEvent(TRACE_INFO, "process_udp locked community '%s' to using "
"unencrypted headers.", comm->community);
traceEvent(TRACE_INFO, "locked community '%s' to "
"unencrypted headers", comm->community);
/* set 'no encryption' in case it is not set yet */
comm->header_encryption = HEADER_ENCRYPTION_NONE;
comm->header_encryption_ctx_static = NULL;
@ -1718,8 +1718,8 @@ static int process_udp (n2n_sn_t * sss,
// (MAC is not always in the same place)
if(comm->header_encryption == HEADER_ENCRYPTION_UNKNOWN) {
traceEvent(TRACE_INFO, "process_udp locked community '%s' to using "
"encrypted headers.", comm->community);
traceEvent(TRACE_INFO, "locked community '%s' to "
"encrypted headers", comm->community);
/* set 'encrypted' in case it is not set yet */
comm->header_encryption = HEADER_ENCRYPTION_ENABLED;
}
@ -1732,8 +1732,8 @@ static int process_udp (n2n_sn_t * sss,
}
if(!header_enc) {
// no matching key/community
traceEvent(TRACE_DEBUG, "process_udp dropped a packet with seemingly encrypted header "
"for which no matching community which uses encrypted headers was found.");
traceEvent(TRACE_DEBUG, "dropped a packet with seemingly encrypted header "
"for which no matching community which uses encrypted headers was found");
return -1;
}
}
@ -1751,7 +1751,7 @@ static int process_udp (n2n_sn_t * sss,
idx = 0; /* marches through packet header as parts are decoded. */
if(decode_common(&cmn, udp_buf, &rem, &idx) < 0) {
traceEvent(TRACE_ERROR, "Failed to decode common section");
traceEvent(TRACE_ERROR, "failed to decode common section");
return -1; /* failed to decode packet */
}
@ -1765,7 +1765,7 @@ static int process_udp (n2n_sn_t * sss,
&& (msg_type != MSG_TYPE_REGISTER_SUPER_ACK)
&& (msg_type != MSG_TYPE_REGISTER_SUPER_NAK)) {
if(header_enc != 2) {
traceEvent(TRACE_WARNING, "process_udp dropped packet encrypted with static key where expecting dynamic key.");
traceEvent(TRACE_WARNING, "dropped packet encrypted with static key where expecting dynamic key");
return -1;
}
}
@ -1784,13 +1784,13 @@ static int process_udp (n2n_sn_t * sss,
sn = add_sn_to_list_by_mac_or_sock (&(sss->federation->edges), &sender, null_mac, &skip_add);
// only REGISTER_SUPER allowed from unknown supernodes
if((!sn) && (msg_type != MSG_TYPE_REGISTER_SUPER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped incoming data from unknown supernode.");
traceEvent(TRACE_DEBUG, "dropped incoming data from unknown supernode");
return -1;
}
}
if(cmn.ttl < 1) {
traceEvent(TRACE_WARNING, "Expired TTL");
traceEvent(TRACE_WARNING, "expired TTL");
return 0; /* Don't process further */
}
@ -1810,7 +1810,7 @@ static int process_udp (n2n_sn_t * sss,
uint8_t * rec_buf; /* either udp_buf or encbuf */
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp PACKET with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "PACKET with unknown community %s", cmn.community);
return -1;
}
@ -1820,7 +1820,7 @@ static int process_udp (n2n_sn_t * sss,
// already checked for valid comm
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, pkt.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped PACKET due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped PACKET due to time stamp error");
return -1;
}
}
@ -1895,7 +1895,7 @@ static int process_udp (n2n_sn_t * sss,
uint8_t * rec_buf; /* either udp_buf or encbuf */
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp REGISTER from unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "REGISTER from unknown community %s", cmn.community);
return -1;
}
@ -1905,7 +1905,7 @@ static int process_udp (n2n_sn_t * sss,
// already checked for valid comm
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, reg.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER due to time stamp error");
return -1;
}
}
@ -1953,7 +1953,7 @@ static int process_udp (n2n_sn_t * sss,
}
case MSG_TYPE_REGISTER_ACK: {
traceEvent(TRACE_DEBUG, "Rx REGISTER_ACK (NOT IMPLEMENTED) Should not be via supernode");
traceEvent(TRACE_DEBUG, "Rx REGISTER_ACK (not implemented) should not be via supernode");
break;
}
@ -1988,7 +1988,7 @@ static int process_udp (n2n_sn_t * sss,
if(comm) {
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, reg.edgeMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER due to time stamp error");
return -1;
}
}
@ -2013,7 +2013,7 @@ static int process_udp (n2n_sn_t * sss,
}
}
if(match != 1) {
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'",
traceEvent(TRACE_INFO, "discarded registration with unallowed community '%s'",
(char*)cmn.community);
return -1;
}
@ -2033,13 +2033,13 @@ static int process_udp (n2n_sn_t * sss,
comm->number_enc_packets = 0;
HASH_ADD_STR(sss->communities, community, comm);
traceEvent(TRACE_INFO, "New community: %s", comm->community);
traceEvent(TRACE_INFO, "new community: %s", comm->community);
assign_one_ip_subnet(sss, comm);
}
}
if(!comm) {
traceEvent(TRACE_INFO, "Discarded registration: unallowed community '%s'",
traceEvent(TRACE_INFO, "discarded registration with unallowed community '%s'",
(char*)cmn.community);
return -1;
}
@ -2051,11 +2051,11 @@ static int process_udp (n2n_sn_t * sss,
if(user) {
speck_128_encrypt(hash_buf, (speck_context_t*)user->shared_secret_ctx);
if(memcmp(hash_buf, udp_buf + udp_size - N2N_REG_SUP_HASH_CHECK_LEN /* length has already been checked */, N2N_REG_SUP_HASH_CHECK_LEN)) {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER with wrong hash.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER with wrong hash");
return -1;
}
} else {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER from unknown user.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER from unknown user");
// continue and let auth check do the rest (otherwise, no NAK is sent)
}
}
@ -2259,12 +2259,12 @@ static int process_udp (n2n_sn_t * sss,
memset(&unreg, 0, sizeof(n2n_UNREGISTER_SUPER_t));
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp UNREGISTER_SUPER with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "dropped UNREGISTER_SUPER with unknown community %s", cmn.community);
return -1;
}
if((from_supernode == 1) || (comm->is_federation == IS_FEDERATION)) {
traceEvent(TRACE_DEBUG, "process_udp dropped UNREGISTER_SUPER: should not come from a supernode or federation.");
traceEvent(TRACE_DEBUG, "dropped UNREGISTER_SUPER: should not come from a supernode or federation.");
return -1;
}
@ -2272,7 +2272,7 @@ static int process_udp (n2n_sn_t * sss,
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, unreg.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped UNREGISTER_SUPER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped UNREGISTER_SUPER due to time stamp error");
return -1;
}
}
@ -2317,12 +2317,12 @@ static int process_udp (n2n_sn_t * sss,
memset(&ack, 0, sizeof(n2n_REGISTER_SUPER_ACK_t));
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp REGISTER_SUPER_ACK with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "REGISTER_SUPER_ACK with unknown community %s", cmn.community);
return -1;
}
if((from_supernode == 0) || (comm->is_federation == IS_NO_FEDERATION)) {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK: should not come from an edge or regular community.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER_ACK, should not come from an edge or regular community");
return -1;
}
@ -2331,7 +2331,7 @@ static int process_udp (n2n_sn_t * sss,
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, ack.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER_ACK due to time stamp error");
return -1;
}
}
@ -2346,7 +2346,7 @@ static int process_udp (n2n_sn_t * sss,
if(scan != NULL) {
scan->last_seen = now;
} else {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_ACK due to an unknown supernode.");
traceEvent(TRACE_DEBUG, "dropped REGISTER_SUPER_ACK due to an unknown supernode");
break;
}
@ -2380,7 +2380,7 @@ static int process_udp (n2n_sn_t * sss,
}
} else {
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie.");
traceEvent(TRACE_INFO, "Rx REGISTER_SUPER_ACK with wrong or old cookie");
}
break;
}
@ -2402,7 +2402,7 @@ static int process_udp (n2n_sn_t * sss,
memset(&nak, 0, sizeof(n2n_REGISTER_SUPER_NAK_t));
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp REGISTER_SUPER_NAK with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "REGISTER_SUPER_NAK with unknown community %s", cmn.community);
return -1;
}
@ -2410,7 +2410,7 @@ static int process_udp (n2n_sn_t * sss,
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, nak.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_NAK due to time stamp error.");
traceEvent(TRACE_DEBUG, "process_udp dropped REGISTER_SUPER_NAK due to time stamp error");
return -1;
}
}
@ -2478,13 +2478,13 @@ static int process_udp (n2n_sn_t * sss,
}
}
if(match != 1) {
traceEvent(TRACE_DEBUG, "process_udp QUERY_PEER from unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "QUERY_PEER from unknown community %s", cmn.community);
return -1;
}
}
if(!comm && sss->lock_communities && (match == 0)) {
traceEvent(TRACE_DEBUG, "process_udp QUERY_PEER from not allowed community %s", cmn.community);
traceEvent(TRACE_DEBUG, "QUERY_PEER from not allowed community %s", cmn.community);
return -1;
}
@ -2496,14 +2496,14 @@ static int process_udp (n2n_sn_t * sss,
if(comm) {
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, query.srcMac, stamp, TIME_STAMP_ALLOW_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped QUERY_PEER due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped QUERY_PEER due to time stamp error");
return -1;
}
}
}
if(is_null_mac(query.targetMac)) {
traceEvent(TRACE_DEBUG, "Rx PING from %s.",
traceEvent(TRACE_DEBUG, "Rx PING from %s",
macaddr_str(mac_buf, query.srcMac));
cmn2.ttl = N2N_DEFAULT_TTL;
@ -2543,7 +2543,7 @@ static int process_udp (n2n_sn_t * sss,
// as opposed to the special case 'PING', proper QUERY_PEER processing requires a locally actually present community entry
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp QUERY_PEER with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "QUERY_PEER with unknown community %s", cmn.community);
return -1;
}
@ -2575,10 +2575,10 @@ static int process_udp (n2n_sn_t * sss,
} else {
if(from_supernode) {
traceEvent(TRACE_DEBUG, "QUERY_PEER on unknown edge from supernode %s. Dropping the packet.",
traceEvent(TRACE_DEBUG, "QUERY_PEER on unknown edge from supernode %s, dropping the packet",
macaddr_str(mac_buf, query.srcMac));
} else {
traceEvent(TRACE_DEBUG, "QUERY_PEER from unknown edge %s. Forwarding to all other supernodes.",
traceEvent(TRACE_DEBUG, "QUERY_PEER from unknown edge %s, forwarding to all other supernodes",
macaddr_str(mac_buf, query.srcMac));
memcpy(&cmn2, &cmn, sizeof(n2n_common_t));
@ -2606,7 +2606,7 @@ static int process_udp (n2n_sn_t * sss,
struct peer_info *peer;
if(!comm) {
traceEvent(TRACE_DEBUG, "process_udp PEER_INFO with unknown community %s", cmn.community);
traceEvent(TRACE_DEBUG, "PEER_INFO with unknown community %s", cmn.community);
return -1;
}
@ -2614,7 +2614,7 @@ static int process_udp (n2n_sn_t * sss,
if(comm->header_encryption == HEADER_ENCRYPTION_ENABLED) {
if(!find_edge_time_stamp_and_verify(comm->edges, sn, pi.srcMac, stamp, TIME_STAMP_NO_JITTER)) {
traceEvent(TRACE_DEBUG, "process_udp dropped PEER_INFO due to time stamp error.");
traceEvent(TRACE_DEBUG, "dropped PEER_INFO due to time stamp error");
return -1;
}
}
@ -2651,7 +2651,7 @@ static int process_udp (n2n_sn_t * sss,
default:
/* Not a known message type */
traceEvent(TRACE_WARNING, "Unable to handle packet type %d: ignored", (signed int)msg_type);
traceEvent(TRACE_WARNING, "unable to handle packet type %d: ignored", (signed int)msg_type);
} /* switch(msg_type) */
return 0;
@ -2767,7 +2767,7 @@ int run_sn_loop (n2n_sn_t *sss, int *keep_running) {
(struct sockaddr *)&sender_sock, (socklen_t *)&i);
if(bread <= 0) {
traceEvent(TRACE_INFO, "run_sn_loop closes tcp connection to '%s'", sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
traceEvent(TRACE_INFO, "closing tcp connection to [%s]", sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
traceEvent(TRACE_DEBUG, "recvfrom() returns %d and sees errno %d (%s)", bread, errno, strerror(errno));
#ifdef WIN32
traceEvent(TRACE_DEBUG, "WSAGetLastError(): %u", WSAGetLastError());
@ -2782,7 +2782,7 @@ int run_sn_loop (n2n_sn_t *sss, int *keep_running) {
// the prepended length has been read, preparing for the packet
conn->expected += be16toh(*(uint16_t*)(conn->buffer));
if(conn->expected > N2N_SN_PKTBUF_SIZE) {
traceEvent(TRACE_INFO, "run_sn_loop closes tcp connection to '%s'", sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
traceEvent(TRACE_INFO, "closing tcp connection to [%s]", sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
traceEvent(TRACE_DEBUG, "too many bytes in tcp packet expected");
close_tcp_connection(sss, conn);
continue;
@ -2825,13 +2825,13 @@ int run_sn_loop (n2n_sn_t *sss, int *keep_running) {
conn->expected = sizeof(uint16_t);
conn->position = 0;
HASH_ADD_INT(sss->tcp_connections, socket_fd, conn);
traceEvent(TRACE_INFO, "run_sn_loop accepted incoming TCP connection from %s",
traceEvent(TRACE_INFO, "accepted incoming TCP connection from [%s]",
sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
}
}
} else {
// no space to store the socket for a new connection, close immediately
traceEvent(TRACE_DEBUG, "run_sn_loop denied incoming TCP connection from %s due to max connections limit hit",
traceEvent(TRACE_DEBUG, "denied incoming TCP connection from [%s] due to max connections limit hit",
sock_to_cstr(sockbuf, (n2n_sock_t*)&sender_sock));
}
}

Write Preview
Loading…
Cancel
Save