const char *name; /* Name of this tunnel driver */
unsigned flags; /* Various interesting flags */
#define TUNF_PRIVOPEN 1u /* Need helper to open file */
- void (*init)(void); /* Initializes the system */
+ int (*init)(void); /* Initializes the system */
tunnel *(*create)(struct peer */*p*/, int /*fd*/, char **/*ifn*/);
/* Initializes a new tunnel */
void (*setifname)(tunnel */*t*/, const char */*ifn*/);
struct tunnel { const tunnel_ops *ops; };
#endif
+typedef struct tun_iter {
+ const struct tunnel_node *next;
+} tun_iter;
+
/* --- Peer statistics --- *
*
* Contains various interesting and not-so-interesting statistics about a
typedef struct peer_iter { sym_iter i; } peer_iter;
+typedef struct udpsocket {
+ sel_file sf; /* Selector for the socket */
+ unsigned port; /* Chosen port number */
+} udpsocket;
+
typedef struct ping {
struct ping *next, *prev; /* Links to next and previous */
peer *p; /* Peer so we can free it */
extern sel_state sel; /* Global I/O event state */
extern octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ], buf_u[PKBUFSZ];
-extern const tunnel_ops *tunnels[]; /* Table of tunnels (0-term) */
-extern const tunnel_ops *tun_default; /* Default tunnel to use */
-extern sel_file udpsock[NADDRFAM]; /* The master UDP sockets */
+extern udpsocket udpsock[NADDRFAM]; /* The master UDP sockets */
extern kdata *master; /* Default private key */
-extern const char *tag_priv; /* Default private key tag */
+extern char *tag_priv; /* Default private key tag */
#ifndef NTRACE
extern const trace_opt tr_opts[]; /* Trace options array */
* @const char *pubkr@ = public keyring file
* @const char *ptag@ = default private-key tag
*
- * Returns: ---
+ * Returns: Zero on success, @-1@ on failure.
*
* Use: Initializes the key-management machinery, loading the
* keyrings and so on.
*/
-extern void km_init(const char */*privkr*/, const char */*pubkr*/,
- const char */*ptag*/);
+extern int km_init(const char */*privkr*/, const char */*pubkr*/,
+ const char */*ptag*/);
/* --- @km_reload@ --- *
*
extern int km_reload(void);
+/* --- @km_clear@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Forget the currently loaded keyrings. The @master@ key will
+ * be cleared, but other keys already loaded will continue to
+ * exist until their reference count drops to zero. Call
+ * @km_init@ to make everything work again.
+ */
+
+extern void km_clear(void);
+
/* --- @km_findpub@, @km_findpriv@ --- *
*
* Arguments: @const char *tag@ = key tag to load
*
* * "?PEER" PEER -- peer's name
*
- * * "?ERRNO" ERRNO -- system error code
+ * * "?ERR" CODE -- system error code
+ *
+ * * "?ERRNO" -- system error code from @errno@
*
* * "[!]..." ... -- @dstr_putf@-like string as single token
*/
*
* Returns: ---
*
- * Use: Creates a new admin connection.
+ * Use: Creates a new admin connection. It's safe to call this
+ * before @a_init@ -- and, indeed, this makes sense if you also
+ * call @a_switcherr@ to report initialization errors through
+ * the administration machinery.
*/
extern void a_create(int /*fd_in*/, int /*fd_out*/, unsigned /*f*/);
-/* --- @a_quit@ --- *
- *
- * Arguments: ---
- *
- * Returns: ---
- *
- * Use: Shuts things down nicely.
- */
-
-extern void a_quit(void);
-
/* --- @a_preselect@ --- *
*
* Arguments: ---
extern void a_daemon(void);
+/* --- @a_listen@ --- *
+ *
+ * Arguments: @const char *name@ = socket name to create
+ * @uid_t u@ = user to own the socket
+ * @gid_t g@ = group to own the socket
+ * @mode_t m@ = permissions to set on the socket
+ *
+ * Returns: Zero on success, @-1@ on failure.
+ *
+ * Use: Creates the admin listening socket.
+ */
+
+extern int a_listen(const char */*sock*/,
+ uid_t /*u*/, gid_t /*g*/, mode_t /*m*/);
+
+/* --- @a_unlisten@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Stops listening to the administration socket and removes it.
+ */
+
+extern void a_unlisten(void);
+
+/* --- @a_switcherr@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Arrange to report warnings, trace messages, etc. to
+ * administration clients rather than the standard-error stream.
+ *
+ * Obviously this makes no sense unless there is at least one
+ * client established. Calling @a_listen@ won't help with this,
+ * because the earliest a new client can connect is during the
+ * first select-loop iteration, which is too late: some initial
+ * client must have been added manually using @a_create@.
+ */
+
+extern void a_switcherr(void);
+
+/* --- @a_signals@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Establishes handlers for the obvious signals.
+ */
+
+extern void a_signals(void);
+
/* --- @a_init@ --- *
*
* Arguments: @const char *sock@ = socket name to create
* @gid_t g@ = group to own the socket
* @mode_t m@ = permissions to set on the socket
*
- * Returns: ---
+ * Returns: Zero on success, @-1@ on failure.
*
* Use: Creates the admin listening socket.
*/
-extern void a_init(const char */*sock*/,
- uid_t /*u*/, gid_t /*g*/, mode_t /*m*/);
+extern int a_init(void);
/*----- Mapping with addresses as keys ------------------------------------*/
*
* Arguments: @int detachp@ = whether to detach the child from its terminal
*
- * Returns: ---
+ * Returns: Zero on success, @-1@ on failure.
*
* Use: Separates off the privileged tunnel-opening service from the
* rest of the server.
*/
-extern void ps_split(int /*detachp*/);
+extern int ps_split(int /*detachp*/);
/* --- @ps_quit@ --- *
*
extern const addr *p_addr(peer */*p*/);
-/* --- @p_init@ --- *
+/* --- @p_bind@ --- *
*
* Arguments: @struct addrinfo *ailist@ = addresses to bind to
*
+ * Returns: Zero on success, @-1@ on failure.
+ *
+ * Use: Binds to the main UDP sockets.
+ */
+
+extern int p_bind(struct addrinfo */*ailist*/);
+
+/* --- @p_unbind@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Unbinds the UDP sockets. There must not be any active peers,
+ * and none can be created until the sockets are rebound.
+ */
+
+extern void p_unbind(void);
+
+/* --- @p_init@ --- *
+ *
+ * Arguments: ---
+ *
* Returns: ---
*
- * Use: Initializes the peer system; creates the socket.
+ * Use: Initializes the peer system.
*/
-extern void p_init(struct addrinfo */*ailist*/);
+extern void p_init(void);
-/* --- @p_port@ --- *
+/* --- @p_addtun@ --- *
+ *
+ * Arguments: @const tunnel_ops *tops@ = tunnel ops to add
*
- * Arguments: @int i@ = address family index to retrieve
+ * Returns: Zero on success, @-1@ on failure.
*
- * Returns: Port number used for socket.
+ * Use: Adds a tunnel class to the list of known classes, if it
+ * initializes properly. If there is no current default tunnel,
+ * then this one is made the default.
+ *
+ * Does nothing if the tunnel class is already known. So adding
+ * a bunch of tunnels takes quadratic time, but there will be
+ * too few to care about.
*/
-extern unsigned p_port(int /*i*/);
+extern int p_addtun(const tunnel_ops */*tops*/);
+
+/* --- @p_setdflttun@ --- *
+ *
+ * Arguments: @const tunnel_ops *tops@ = tunnel ops to set
+ *
+ * Returns: ---
+ *
+ * Use: Sets the default tunnel. It must already be registered. The
+ * old default is forgotten.
+ */
+
+extern void p_setdflttun(const tunnel_ops */*tops*/);
+
+/* --- @p_dflttun@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: A pointer to the current default tunnel operations, or null
+ * if no tunnels are defined.
+ */
+
+extern const tunnel_ops *p_dflttun(void);
+
+/* --- @p_findtun@ --- *
+ *
+ * Arguments: @const char *name@ = tunnel name
+ *
+ * Returns: Pointer to the tunnel operations, or null.
+ *
+ * Use: Finds the operations for a named tunnel class.
+ */
+
+extern const tunnel_ops *p_findtun(const char */*name*/);
+
+/* --- @p_mktuniter@ --- *
+ *
+ * Arguments: @tuniter *i@ = pointer to iterator to initialize
+ *
+ * Returns: ---
+ *
+ * Use: Initializes a tunnel iterator.
+ */
+
+extern void p_mktuniter(tun_iter */*i*/);
+
+/* --- @p_nexttun@ --- *
+ *
+ * Arguments: @tuniter *i@ = pointer to iterator
+ *
+ * Returns: Pointer to the next tunnel's operations, or null.
+ */
+
+extern const tunnel_ops *p_nexttun(tun_iter */*i*/);
+
+/* --- @FOREACH_TUN@ --- *
+ *
+ * Arguments: @tops@ = name to bind to each tunnel
+ * @stuff@ = thing to do for each item
+ *
+ * Use: Does something for each known tunnel class.
+ */
+
+#define FOREACH_TUN(tops, stuff) do { \
+ tun_iter i_; \
+ const tunnel_ops *tops; \
+ for (p_mktuniter(&i_); (tops = p_nexttun(&i_)) != 0; ) stuff; \
+} while (0)
/* --- @p_create@ --- *
*
extern void p_destroy(peer */*p*/, int /*bye*/);
+/* --- @p_destroyall@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Destroys all of the peers, saying goodbye.
+ */
+
+extern void p_destroyall(void);
+
/* --- @FOREACH_PEER@ --- *
*
* Arguments: @p@ = name to bind to each peer
extern peer *p_next(peer_iter */*i*/);
+/*----- The interval timer ------------------------------------------------*/
+
+/* --- @iv_addreason@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Adds an `interval timer reason'; if there are no others, the
+ * interval timer is engaged.
+ */
+
+extern void iv_addreason(void);
+
+/* --- @iv_rmreason@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Removes an interval timer reason; if there are none left, the
+ * interval timer is disengaged.
+ */
+
+extern void iv_rmreason(void);
+
+/*----- The main loop -----------------------------------------------------*/
+
+/* --- @lp_init@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Initializes the main loop. Most importantly, this sets up
+ * the select multiplexor that everything else hooks onto.
+ */
+
+extern void lp_init(void);
+
+/* --- @lp_end@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Requests an exit from the main loop.
+ */
+
+extern void lp_end(void);
+
+/* --- @lp_run@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: Zero on successful termination; @-1@ if things went wrong.
+ *
+ * Use: Cranks the main loop until it should be cranked no more.
+ */
+
+extern int lp_run(void);
+
/*----- Tunnel drivers ----------------------------------------------------*/
#ifdef TUN_LINUX