| 1 | #include "secnet.h" |
| 2 | #include "util.h" |
| 3 | #include "netlink.h" |
| 4 | #include <stdio.h> |
| 5 | #include <string.h> |
| 6 | #include <unistd.h> |
| 7 | #include <fcntl.h> |
| 8 | #include <sys/ioctl.h> |
| 9 | #include <sys/utsname.h> |
| 10 | #include <sys/socket.h> |
| 11 | |
| 12 | #ifdef HAVE_NET_IF_H |
| 13 | #include <net/if.h> |
| 14 | #ifdef HAVE_LINUX_IF_H |
| 15 | #include <linux/if_tun.h> |
| 16 | #define LINUX_TUN_SUPPORTED |
| 17 | #endif |
| 18 | #endif |
| 19 | |
| 20 | #ifdef HAVE_NET_ROUTE_H |
| 21 | #include <net/route.h> |
| 22 | #endif |
| 23 | |
| 24 | #if defined(HAVE_STROPTS_H) && defined(HAVE_SYS_SOCKIO_H) && \ |
| 25 | defined(HAVE_NET_IF_TUN_H) |
| 26 | #define HAVE_TUN_STREAMS |
| 27 | #endif |
| 28 | |
| 29 | #ifdef HAVE_TUN_STREAMS |
| 30 | #include <stropts.h> |
| 31 | #include <sys/sockio.h> |
| 32 | #include <net/if_tun.h> |
| 33 | #endif |
| 34 | |
| 35 | #define TUN_FLAVOUR_GUESS 0 |
| 36 | #define TUN_FLAVOUR_BSD 1 |
| 37 | #define TUN_FLAVOUR_LINUX 2 |
| 38 | #define TUN_FLAVOUR_STREAMS 3 |
| 39 | |
| 40 | static struct flagstr flavours[]={ |
| 41 | {"guess", TUN_FLAVOUR_GUESS}, |
| 42 | {"bsd", TUN_FLAVOUR_BSD}, |
| 43 | {"BSD", TUN_FLAVOUR_BSD}, |
| 44 | {"linux", TUN_FLAVOUR_LINUX}, |
| 45 | {"streams", TUN_FLAVOUR_STREAMS}, |
| 46 | {"STREAMS", TUN_FLAVOUR_STREAMS}, |
| 47 | {NULL, 0} |
| 48 | }; |
| 49 | |
| 50 | #define TUN_CONFIG_GUESS 0 |
| 51 | #define TUN_CONFIG_IOCTL 1 |
| 52 | #define TUN_CONFIG_BSD 2 |
| 53 | #define TUN_CONFIG_LINUX 3 |
| 54 | #define TUN_CONFIG_SOLARIS25 4 |
| 55 | |
| 56 | static struct flagstr config_types[]={ |
| 57 | {"guess", TUN_CONFIG_GUESS}, |
| 58 | {"ioctl", TUN_CONFIG_IOCTL}, |
| 59 | {"bsd", TUN_CONFIG_BSD}, |
| 60 | {"BSD", TUN_CONFIG_BSD}, |
| 61 | {"linux", TUN_CONFIG_LINUX}, |
| 62 | {"solaris-2.5", TUN_CONFIG_SOLARIS25}, |
| 63 | {NULL, 0} |
| 64 | }; |
| 65 | |
| 66 | /* Connection to the kernel through the universal TUN/TAP driver */ |
| 67 | |
| 68 | struct tun { |
| 69 | struct netlink nl; |
| 70 | int fd; |
| 71 | cstring_t device_path; |
| 72 | cstring_t ip_path; |
| 73 | string_t interface_name; |
| 74 | cstring_t ifconfig_path; |
| 75 | uint32_t ifconfig_type; |
| 76 | cstring_t route_path; |
| 77 | uint32_t route_type; |
| 78 | uint32_t tun_flavour; |
| 79 | bool_t search_for_if; /* Applies to tun-BSD only */ |
| 80 | struct buffer_if *buff; /* We receive packets into here |
| 81 | and send them to the netlink code. */ |
| 82 | netlink_deliver_fn *netlink_to_tunnel; |
| 83 | uint32_t local_address; /* host interface address */ |
| 84 | }; |
| 85 | |
| 86 | static cstring_t tun_flavour_str(uint32_t flavour) |
| 87 | { |
| 88 | switch (flavour) { |
| 89 | case TUN_FLAVOUR_GUESS: return "guess"; |
| 90 | case TUN_FLAVOUR_BSD: return "BSD"; |
| 91 | case TUN_FLAVOUR_LINUX: return "linux"; |
| 92 | case TUN_FLAVOUR_STREAMS: return "STREAMS"; |
| 93 | default: return "unknown"; |
| 94 | } |
| 95 | } |
| 96 | |
| 97 | static int tun_beforepoll(void *sst, struct pollfd *fds, int *nfds_io, |
| 98 | int *timeout_io, const struct timeval *tv_now, |
| 99 | uint64_t *now) |
| 100 | { |
| 101 | struct tun *st=sst; |
| 102 | *nfds_io=1; |
| 103 | fds[0].fd=st->fd; |
| 104 | fds[0].events=POLLIN; |
| 105 | return 0; |
| 106 | } |
| 107 | |
| 108 | static void tun_afterpoll(void *sst, struct pollfd *fds, int nfds, |
| 109 | const struct timeval *tv_now, uint64_t *now) |
| 110 | { |
| 111 | struct tun *st=sst; |
| 112 | int l; |
| 113 | |
| 114 | if (nfds==0) return; |
| 115 | if (fds[0].revents&POLLERR) { |
| 116 | printf("tun_afterpoll: hup!\n"); |
| 117 | } |
| 118 | if (fds[0].revents&POLLIN) { |
| 119 | BUF_ALLOC(st->buff,"tun_afterpoll"); |
| 120 | buffer_init(st->buff,st->nl.max_start_pad); |
| 121 | l=read(st->fd,st->buff->start,st->buff->len-st->nl.max_start_pad); |
| 122 | if (l<0) { |
| 123 | fatal_perror("tun_afterpoll: read()"); |
| 124 | } |
| 125 | if (l==0) { |
| 126 | fatal("tun_afterpoll: read()=0; device gone away?"); |
| 127 | } |
| 128 | if (l>0) { |
| 129 | st->buff->size=l; |
| 130 | st->netlink_to_tunnel(&st->nl,st->buff); |
| 131 | BUF_ASSERT_FREE(st->buff); |
| 132 | } |
| 133 | } |
| 134 | } |
| 135 | |
| 136 | static void tun_deliver_to_kernel(void *sst, struct buffer_if *buf) |
| 137 | { |
| 138 | struct tun *st=sst; |
| 139 | |
| 140 | BUF_ASSERT_USED(buf); |
| 141 | /* No error checking, because we'd just throw the packet away |
| 142 | anyway if it didn't work. */ |
| 143 | write(st->fd,buf->start,buf->size); |
| 144 | BUF_FREE(buf); |
| 145 | } |
| 146 | |
| 147 | static bool_t tun_set_route(void *sst, struct netlink_client *routes) |
| 148 | { |
| 149 | struct tun *st=sst; |
| 150 | string_t network, mask, secnetaddr; |
| 151 | struct subnet_list *nets; |
| 152 | uint32_t i; |
| 153 | int fd=-1; |
| 154 | |
| 155 | if (routes->up == routes->kup) return False; |
| 156 | if (st->route_type==TUN_CONFIG_IOCTL) { |
| 157 | if (st->tun_flavour==TUN_FLAVOUR_STREAMS) { |
| 158 | fd=open(st->ip_path,O_RDWR); |
| 159 | if (fd<0) { |
| 160 | fatal_perror("tun_set_route: can't open %s",st->ip_path); |
| 161 | } |
| 162 | } else { |
| 163 | fd=socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); |
| 164 | if (fd<0) { |
| 165 | fatal_perror("tun_set_route: socket()"); |
| 166 | } |
| 167 | } |
| 168 | } |
| 169 | nets=routes->subnets; |
| 170 | secnetaddr=ipaddr_to_string(st->nl.secnet_address); |
| 171 | for (i=0; i<nets->entries; i++) { |
| 172 | network=ipaddr_to_string(nets->list[i].prefix); |
| 173 | mask=ipaddr_to_string(nets->list[i].mask); |
| 174 | Message(M_INFO,"%s: %s route %s/%d %s kernel routing table\n", |
| 175 | st->nl.name,routes->up?"adding":"deleting",network, |
| 176 | nets->list[i].len,routes->up?"to":"from"); |
| 177 | switch (st->route_type) { |
| 178 | case TUN_CONFIG_LINUX: |
| 179 | sys_cmd(st->route_path,"route",routes->up?"add":"del", |
| 180 | "-net",network,"netmask",mask, |
| 181 | "gw",secnetaddr,(char *)0); |
| 182 | break; |
| 183 | case TUN_CONFIG_BSD: |
| 184 | sys_cmd(st->route_path,"route",routes->up?"add":"del", |
| 185 | "-net",network,secnetaddr,mask,(char *)0); |
| 186 | break; |
| 187 | case TUN_CONFIG_SOLARIS25: |
| 188 | sys_cmd(st->route_path,"route",routes->up?"add":"del", |
| 189 | network,secnetaddr,(char *)0); |
| 190 | break; |
| 191 | case TUN_CONFIG_IOCTL: |
| 192 | { |
| 193 | #ifdef HAVE_NET_ROUTE_H |
| 194 | struct rtentry rt; |
| 195 | struct sockaddr_in *sa; |
| 196 | int action; |
| 197 | |
| 198 | memset(&rt,0,sizeof(rt)); |
| 199 | sa=(struct sockaddr_in *)&rt.rt_dst; |
| 200 | sa->sin_family=AF_INET; |
| 201 | sa->sin_addr.s_addr=htonl(nets->list[i].prefix); |
| 202 | sa=(struct sockaddr_in *)&rt.rt_genmask; |
| 203 | sa->sin_family=AF_INET; |
| 204 | sa->sin_addr.s_addr=htonl(nets->list[i].mask); |
| 205 | sa=(struct sockaddr_in *)&rt.rt_gateway; |
| 206 | sa->sin_family=AF_INET; |
| 207 | sa->sin_addr.s_addr=htonl(st->nl.secnet_address); |
| 208 | rt.rt_flags=RTF_UP|RTF_GATEWAY; |
| 209 | action=routes->up?SIOCADDRT:SIOCDELRT; |
| 210 | if (ioctl(fd,action,&rt)<0) { |
| 211 | fatal_perror("tun_set_route: ioctl()"); |
| 212 | } |
| 213 | #else |
| 214 | fatal("tun_set_route: ioctl method not supported"); |
| 215 | #endif |
| 216 | } |
| 217 | break; |
| 218 | default: |
| 219 | fatal("tun_set_route: unsupported route command type"); |
| 220 | break; |
| 221 | } |
| 222 | free(network); free(mask); |
| 223 | } |
| 224 | free(secnetaddr); |
| 225 | if (st->route_type==TUN_CONFIG_IOCTL) { |
| 226 | close(fd); |
| 227 | } |
| 228 | routes->kup=routes->up; |
| 229 | return True; |
| 230 | } |
| 231 | |
| 232 | static void tun_phase_hook(void *sst, uint32_t newphase) |
| 233 | { |
| 234 | struct tun *st=sst; |
| 235 | string_t hostaddr,secnetaddr; |
| 236 | uint8_t mtu[6]; |
| 237 | struct netlink_client *r; |
| 238 | |
| 239 | if (st->tun_flavour==TUN_FLAVOUR_BSD) { |
| 240 | if (st->search_for_if) { |
| 241 | string_t dname; |
| 242 | int i; |
| 243 | |
| 244 | dname=safe_malloc(strlen(st->device_path)+4,"tun_old_apply"); |
| 245 | st->interface_name=safe_malloc(8,"tun_phase_hook"); |
| 246 | |
| 247 | for (i=0; i<255; i++) { |
| 248 | sprintf(dname,"%s%d",st->device_path,i); |
| 249 | if ((st->fd=open(dname,O_RDWR))>0) { |
| 250 | sprintf(st->interface_name,"tun%d",i); |
| 251 | Message(M_INFO,"%s: allocated network interface %s " |
| 252 | "through %s\n",st->nl.name,st->interface_name, |
| 253 | dname); |
| 254 | break; |
| 255 | } |
| 256 | } |
| 257 | if (st->fd==-1) { |
| 258 | fatal("%s: unable to open any TUN device (%s...)", |
| 259 | st->nl.name,st->device_path); |
| 260 | } |
| 261 | } else { |
| 262 | st->fd=open(st->device_path,O_RDWR); |
| 263 | if (st->fd==-1) { |
| 264 | fatal_perror("%s: unable to open TUN device file %s", |
| 265 | st->nl.name,st->device_path); |
| 266 | } |
| 267 | } |
| 268 | } else if (st->tun_flavour==TUN_FLAVOUR_LINUX) { |
| 269 | #ifdef LINUX_TUN_SUPPORTED |
| 270 | struct ifreq ifr; |
| 271 | |
| 272 | /* New TUN interface: open the device, then do ioctl TUNSETIFF |
| 273 | to set or find out the network interface name. */ |
| 274 | st->fd=open(st->device_path,O_RDWR); |
| 275 | if (st->fd==-1) { |
| 276 | fatal_perror("%s: can't open device file %s",st->nl.name, |
| 277 | st->device_path); |
| 278 | } |
| 279 | memset(&ifr,0,sizeof(ifr)); |
| 280 | ifr.ifr_flags = IFF_TUN | IFF_NO_PI; /* Just send/receive IP packets, |
| 281 | no extra headers */ |
| 282 | if (st->interface_name) |
| 283 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 284 | if (ioctl(st->fd,TUNSETIFF,&ifr)<0) { |
| 285 | fatal_perror("%s: ioctl(TUNSETIFF)",st->nl.name); |
| 286 | } |
| 287 | if (!st->interface_name) { |
| 288 | st->interface_name=safe_malloc(strlen(ifr.ifr_name)+1,"tun_apply"); |
| 289 | strcpy(st->interface_name,ifr.ifr_name); |
| 290 | Message(M_INFO,"%s: allocated network interface %s\n",st->nl.name, |
| 291 | st->interface_name); |
| 292 | } |
| 293 | #else |
| 294 | fatal("tun_phase_hook: TUN_FLAVOUR_LINUX unexpected"); |
| 295 | #endif /* LINUX_TUN_SUPPORTED */ |
| 296 | } else if (st->tun_flavour==TUN_FLAVOUR_STREAMS) { |
| 297 | #ifdef HAVE_TUN_STREAMS |
| 298 | int tun_fd, if_fd, ppa=-1, ip_fd; |
| 299 | |
| 300 | if ((ip_fd=open(st->ip_path, O_RDWR)) < 0) { |
| 301 | fatal_perror("%s: can't open %s",st->nl.name,st->ip_path); |
| 302 | } |
| 303 | if ((tun_fd=open(st->device_path,O_RDWR)) < 0) { |
| 304 | fatal_perror("%s: can't open %s",st->nl.name,st->device_path); |
| 305 | } |
| 306 | if ((ppa=ioctl(tun_fd,TUNNEWPPA,ppa)) < 0) { |
| 307 | fatal_perror("%s: can't assign new interface"); |
| 308 | } |
| 309 | if ((if_fd=open(st->device_path,O_RDWR)) < 0) { |
| 310 | fatal_perror("%s: can't open %s (2)",st->nl.name,st->device_path); |
| 311 | } |
| 312 | if (ioctl(if_fd,I_PUSH,"ip") < 0) { |
| 313 | fatal_perror("%s: can't push IP module",st->nl.name); |
| 314 | } |
| 315 | if (ioctl(if_fd,IF_UNITSEL,(char *)&ppa) < 0) { |
| 316 | fatal_perror("%s: can't set ppa %d",st->nl.name,ppa); |
| 317 | } |
| 318 | if (ioctl(ip_fd, I_LINK, if_fd) < 0) { |
| 319 | fatal_perror("%s: can't link TUN device to IP",st->nl.name); |
| 320 | } |
| 321 | st->interface_name=safe_malloc(10,"tun_apply"); |
| 322 | sprintf(st->interface_name,"tun%d",ppa); |
| 323 | st->fd=tun_fd; |
| 324 | #else |
| 325 | fatal("tun_phase_hook: TUN_FLAVOUR_STREAMS unexpected"); |
| 326 | #endif /* HAVE_TUN_STREAMS */ |
| 327 | } else { |
| 328 | fatal("tun_phase_hook: unknown flavour of TUN"); |
| 329 | } |
| 330 | /* All the networks we'll be using have been registered. Invoke ifconfig |
| 331 | to set the TUN device's address, and route to add routes to all |
| 332 | our networks. */ |
| 333 | |
| 334 | hostaddr=ipaddr_to_string(st->local_address); |
| 335 | secnetaddr=ipaddr_to_string(st->nl.secnet_address); |
| 336 | snprintf(mtu,6,"%d",st->nl.mtu); |
| 337 | mtu[5]=0; |
| 338 | |
| 339 | switch (st->ifconfig_type) { |
| 340 | case TUN_CONFIG_LINUX: |
| 341 | sys_cmd(st->ifconfig_path,"ifconfig",st->interface_name, |
| 342 | hostaddr,"netmask","255.255.255.255","-broadcast", |
| 343 | "-multicast", |
| 344 | "pointopoint",secnetaddr,"mtu",mtu,"up",(char *)0); |
| 345 | break; |
| 346 | case TUN_CONFIG_BSD: |
| 347 | sys_cmd(st->ifconfig_path,"ifconfig",st->interface_name, |
| 348 | hostaddr,"netmask","255.255.255.255", |
| 349 | secnetaddr,"mtu",mtu,"up",(char *)0); |
| 350 | break; |
| 351 | case TUN_CONFIG_SOLARIS25: |
| 352 | sys_cmd(st->ifconfig_path,"ifconfig",st->interface_name, |
| 353 | hostaddr,secnetaddr,"mtu",mtu,"up",(char *)0); |
| 354 | break; |
| 355 | case TUN_CONFIG_IOCTL: |
| 356 | #ifdef HAVE_NET_IF_H |
| 357 | { |
| 358 | int fd; |
| 359 | struct ifreq ifr; |
| 360 | struct sockaddr_in *sa; |
| 361 | fd=socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); |
| 362 | |
| 363 | /* Interface address */ |
| 364 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 365 | sa=(struct sockaddr_in *)&ifr.ifr_addr; |
| 366 | memset(sa,0,sizeof(*sa)); |
| 367 | sa->sin_family=AF_INET; |
| 368 | sa->sin_addr.s_addr=htonl(st->local_address); |
| 369 | if (ioctl(fd,SIOCSIFADDR, &ifr)!=0) { |
| 370 | fatal_perror("tun_apply: SIOCSIFADDR"); |
| 371 | } |
| 372 | #ifdef SIOCSIFNETMASK |
| 373 | /* Netmask */ |
| 374 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 375 | sa=(struct sockaddr_in *)&ifr.ifr_netmask; |
| 376 | memset(sa,0,sizeof(*sa)); |
| 377 | sa->sin_family=AF_INET; |
| 378 | sa->sin_addr.s_addr=htonl(0xffffffff); |
| 379 | if (ioctl(fd,SIOCSIFNETMASK, &ifr)!=0) { |
| 380 | fatal_perror("tun_apply: SIOCSIFNETMASK"); |
| 381 | } |
| 382 | #endif |
| 383 | /* Destination address (point-to-point) */ |
| 384 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 385 | sa=(struct sockaddr_in *)&ifr.ifr_dstaddr; |
| 386 | memset(sa,0,sizeof(*sa)); |
| 387 | sa->sin_family=AF_INET; |
| 388 | sa->sin_addr.s_addr=htonl(st->nl.secnet_address); |
| 389 | if (ioctl(fd,SIOCSIFDSTADDR, &ifr)!=0) { |
| 390 | fatal_perror("tun_apply: SIOCSIFDSTADDR"); |
| 391 | } |
| 392 | /* MTU */ |
| 393 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 394 | ifr.ifr_mtu=st->nl.mtu; |
| 395 | if (ioctl(fd,SIOCSIFMTU, &ifr)!=0) { |
| 396 | fatal_perror("tun_apply: SIOCSIFMTU"); |
| 397 | } |
| 398 | /* Flags */ |
| 399 | strncpy(ifr.ifr_name,st->interface_name,IFNAMSIZ); |
| 400 | ifr.ifr_flags=IFF_UP|IFF_POINTOPOINT|IFF_RUNNING|IFF_NOARP; |
| 401 | if (ioctl(fd,SIOCSIFFLAGS, &ifr)!=0) { |
| 402 | fatal_perror("tun_apply: SIOCSIFFLAGS"); |
| 403 | } |
| 404 | |
| 405 | close(fd); |
| 406 | } |
| 407 | #else |
| 408 | fatal("tun_apply: ifconfig by ioctl() not supported"); |
| 409 | #endif /* HAVE_NET_IF_H */ |
| 410 | break; |
| 411 | default: |
| 412 | fatal("tun_apply: unsupported ifconfig method"); |
| 413 | break; |
| 414 | } |
| 415 | |
| 416 | for (r=st->nl.clients; r; r=r->next) { |
| 417 | tun_set_route(st,r); |
| 418 | } |
| 419 | |
| 420 | /* Register for poll() */ |
| 421 | register_for_poll(st, tun_beforepoll, tun_afterpoll, 1, st->nl.name); |
| 422 | } |
| 423 | |
| 424 | static list_t *tun_create(closure_t *self, struct cloc loc, dict_t *context, |
| 425 | list_t *args,uint32_t default_flavour) |
| 426 | { |
| 427 | struct tun *st; |
| 428 | item_t *item; |
| 429 | dict_t *dict; |
| 430 | string_t flavour,type; |
| 431 | |
| 432 | st=safe_malloc(sizeof(*st),"tun_apply"); |
| 433 | |
| 434 | /* First parameter must be a dict */ |
| 435 | item=list_elem(args,0); |
| 436 | if (!item || item->type!=t_dict) |
| 437 | cfgfatal(loc,"tun","parameter must be a dictionary\n"); |
| 438 | |
| 439 | dict=item->data.dict; |
| 440 | |
| 441 | st->netlink_to_tunnel= |
| 442 | netlink_init(&st->nl,st,loc,dict, |
| 443 | "netlink-tun",tun_set_route,tun_deliver_to_kernel); |
| 444 | |
| 445 | flavour=dict_read_string(dict,"flavour",False,"tun-netlink",loc); |
| 446 | if (flavour) |
| 447 | st->tun_flavour=string_to_word(flavour,loc,flavours,"tun-flavour"); |
| 448 | else |
| 449 | st->tun_flavour=default_flavour; |
| 450 | |
| 451 | st->device_path=dict_read_string(dict,"device",False,"tun-netlink",loc); |
| 452 | st->ip_path=dict_read_string(dict,"ip-path",False,"tun-netlink",loc); |
| 453 | st->interface_name=dict_read_string(dict,"interface",False, |
| 454 | "tun-netlink",loc); |
| 455 | st->search_for_if=dict_read_bool(dict,"interface-search",False, |
| 456 | "tun-netlink",loc,st->device_path==NULL); |
| 457 | |
| 458 | type=dict_read_string(dict,"ifconfig-type",False,"tun-netlink",loc); |
| 459 | if (type) st->ifconfig_type=string_to_word(type,loc,config_types, |
| 460 | "ifconfig-type"); |
| 461 | else st->ifconfig_type=TUN_CONFIG_GUESS; |
| 462 | st->ifconfig_path=dict_read_string(dict,"ifconfig-path",False, |
| 463 | "tun-netlink",loc); |
| 464 | |
| 465 | type=dict_read_string(dict,"route-type",False,"tun-netlink",loc); |
| 466 | if (type) st->route_type=string_to_word(type,loc,config_types, |
| 467 | "route-type"); |
| 468 | else st->route_type=TUN_CONFIG_GUESS; |
| 469 | st->route_path=dict_read_string(dict,"route-path",False,"tun-netlink",loc); |
| 470 | |
| 471 | st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"tun-netlink",loc); |
| 472 | st->local_address=string_item_to_ipaddr( |
| 473 | dict_find_item(dict,"local-address", True, "netlink", loc),"netlink"); |
| 474 | |
| 475 | if (st->tun_flavour==TUN_FLAVOUR_GUESS) { |
| 476 | /* If we haven't been told what type of TUN we're using, take |
| 477 | a guess based on the system details. */ |
| 478 | struct utsname u; |
| 479 | if (uname(&u)<0) { |
| 480 | fatal_perror("tun_create: uname"); |
| 481 | } |
| 482 | if (strcmp(u.sysname,"Linux")==0) { |
| 483 | if (u.release[0]=='2' && u.release[1]=='.' && u.release[3]=='.') { |
| 484 | if (u.release[2]=='2') st->tun_flavour=TUN_FLAVOUR_BSD; |
| 485 | else if (u.release[2]=='4') st->tun_flavour=TUN_FLAVOUR_LINUX; |
| 486 | } |
| 487 | } else if (strcmp(u.sysname,"SunOS")==0) { |
| 488 | st->tun_flavour=TUN_FLAVOUR_STREAMS; |
| 489 | } else if (strcmp(u.sysname,"FreeBSD")==0) { |
| 490 | st->tun_flavour=TUN_FLAVOUR_BSD; |
| 491 | } |
| 492 | } |
| 493 | if (st->tun_flavour==TUN_FLAVOUR_GUESS) { |
| 494 | cfgfatal(loc,"tun","cannot guess which type of TUN is in use; " |
| 495 | "specify the flavour explicitly\n"); |
| 496 | } |
| 497 | |
| 498 | if (st->ifconfig_type==TUN_CONFIG_GUESS) { |
| 499 | switch (st->tun_flavour) { |
| 500 | case TUN_FLAVOUR_LINUX: |
| 501 | st->ifconfig_type=TUN_CONFIG_IOCTL; |
| 502 | break; |
| 503 | case TUN_FLAVOUR_BSD: |
| 504 | /* XXX on Linux we still want TUN_CONFIG_IOCTL. Perhaps we can |
| 505 | use this on BSD too. */ |
| 506 | st->ifconfig_type=TUN_CONFIG_IOCTL; |
| 507 | break; |
| 508 | case TUN_FLAVOUR_STREAMS: |
| 509 | st->ifconfig_type=TUN_CONFIG_BSD; |
| 510 | break; |
| 511 | } |
| 512 | } |
| 513 | if (st->route_type==TUN_CONFIG_GUESS) |
| 514 | st->route_type=st->ifconfig_type; |
| 515 | |
| 516 | if (st->ifconfig_type==TUN_CONFIG_GUESS) { |
| 517 | cfgfatal(loc,"tun","cannot guess which ifconfig method to use\n"); |
| 518 | } |
| 519 | if (st->route_type==TUN_CONFIG_GUESS) { |
| 520 | cfgfatal(loc,"tun","cannot guess which route method to use\n"); |
| 521 | } |
| 522 | |
| 523 | if (st->ifconfig_type==TUN_CONFIG_IOCTL && st->ifconfig_path) { |
| 524 | cfgfatal(loc,"tun","ifconfig-type \"ioctl\" is incompatible with " |
| 525 | "ifconfig-path\n"); |
| 526 | } |
| 527 | if (st->route_type==TUN_CONFIG_IOCTL && st->route_path) { |
| 528 | cfgfatal(loc,"tun","route-type \"ioctl\" is incompatible with " |
| 529 | "route-path\n"); |
| 530 | } |
| 531 | |
| 532 | Message(M_DEBUG_CONFIG,"%s: tun flavour %s\n",st->nl.name, |
| 533 | tun_flavour_str(st->tun_flavour)); |
| 534 | switch (st->tun_flavour) { |
| 535 | case TUN_FLAVOUR_BSD: |
| 536 | if (!st->device_path) st->device_path="/dev/tun"; |
| 537 | break; |
| 538 | case TUN_FLAVOUR_LINUX: |
| 539 | if (!st->device_path) st->device_path="/dev/net/tun"; |
| 540 | break; |
| 541 | case TUN_FLAVOUR_STREAMS: |
| 542 | if (!st->device_path) st->device_path="/dev/tun"; |
| 543 | if (st->interface_name) cfgfatal(loc,"tun","interface name cannot " |
| 544 | "be specified with STREAMS TUN\n"); |
| 545 | break; |
| 546 | } |
| 547 | |
| 548 | if (!st->ip_path) st->ip_path="/dev/ip"; |
| 549 | if (!st->ifconfig_path) st->ifconfig_path="ifconfig"; |
| 550 | if (!st->route_path) st->route_path="route"; |
| 551 | |
| 552 | #ifndef HAVE_TUN_STREAMS |
| 553 | if (st->tun_flavour==TUN_FLAVOUR_STREAMS) { |
| 554 | cfgfatal(loc,"tun","TUN flavour STREAMS unsupported in this build " |
| 555 | "of secnet\n"); |
| 556 | } |
| 557 | #endif |
| 558 | #ifndef LINUX_TUN_SUPPORTED |
| 559 | if (st->tun_flavour==TUN_FLAVOUR_LINUX) { |
| 560 | cfgfatal(loc,"tun","TUN flavour LINUX unsupported in this build " |
| 561 | "of secnet\n"); |
| 562 | } |
| 563 | #endif |
| 564 | |
| 565 | /* Old TUN interface: the network interface name depends on which |
| 566 | /dev/tunX file we open. If 'interface-search' is set to true, treat |
| 567 | 'device' as the prefix and try numbers from 0--255. If it's set |
| 568 | to false, treat 'device' as the whole name, and require than an |
| 569 | appropriate interface name be specified. */ |
| 570 | if (st->tun_flavour==TUN_FLAVOUR_BSD) { |
| 571 | if (st->search_for_if && st->interface_name) { |
| 572 | cfgfatal(loc,"tun","you may not specify an interface name " |
| 573 | "in interface-search mode\n"); |
| 574 | } |
| 575 | if (!st->search_for_if && !st->interface_name) { |
| 576 | cfgfatal(loc,"tun","you must specify an interface name " |
| 577 | "when you explicitly specify a TUN device file\n"); |
| 578 | } |
| 579 | } |
| 580 | |
| 581 | add_hook(PHASE_GETRESOURCES,tun_phase_hook,st); |
| 582 | |
| 583 | return new_closure(&st->nl.cl); |
| 584 | } |
| 585 | |
| 586 | static list_t *tun_apply(closure_t *self, struct cloc loc, dict_t *context, |
| 587 | list_t *args) |
| 588 | { |
| 589 | return tun_create(self,loc,context,args,TUN_FLAVOUR_GUESS); |
| 590 | } |
| 591 | |
| 592 | static list_t *tun_bsd_apply(closure_t *self, struct cloc loc, dict_t *context, |
| 593 | list_t *args) |
| 594 | { |
| 595 | Message(M_WARNING,"(%s,%d): obsolete use of tun-old; replace with tun " |
| 596 | "and specify flavour \"bsd\".\n",loc.file,loc.line); |
| 597 | return tun_create(self,loc,context,args,TUN_FLAVOUR_BSD); |
| 598 | } |
| 599 | |
| 600 | init_module tun_module; |
| 601 | void tun_module(dict_t *dict) |
| 602 | { |
| 603 | add_closure(dict,"tun",tun_apply); |
| 604 | add_closure(dict,"tun-old",tun_bsd_apply); |
| 605 | } |