#include <pwd.h>
#include <grp.h>
+#ifdef HAVE_LIBADNS
+# define ADNS_FEATURE_MANYAF
+# include <adns.h>
+#endif
+
#include <mLib/alloc.h>
#include <mLib/arena.h>
#include <mLib/base64.h>
-#include <mLib/bres.h>
+#ifndef HAVE_LIBADNS
+# include <mLib/bres.h>
+#endif
#include <mLib/codec.h>
#include <mLib/daemonize.h>
#include <mLib/dstr.h>
/*----- Data structures ---------------------------------------------------*/
+/* --- The address-family table --- */
+
+#define ADDRFAM(_) \
+ _(INET, want_ipv4) \
+ _(INET6, want_ipv6)
+
+enum {
+#define ENUM(af, qf) AFIX_##af,
+ ADDRFAM(ENUM)
+#undef ENUM
+ NADDRFAM
+};
+
+extern const struct addrfam {
+ int af;
+ const char *name;
+#ifdef HAVE_LIBADNS
+ adns_queryflags qf;
+#endif
+} aftab[NADDRFAM];
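Review bot: The layout of `struct addrfam` now depends on the preprocessor: the `adns_queryflags qf` member exists only under `HAVE_LIBADNS`, so `sizeof(struct addrfam)` and `sizeof(aftab)` differ between translation units that see different settings of that macro, and the same applies to `admin_resop`, whose `q`/`r` member is selected the same way. Whether the configuration header that defines `HAVE_LIBADNS` is included before this one is not visible here, so this is an inference, but a mismatch would be a silent ABI disagreement rather than a compile error. A comment on the struct would make the requirement explicit, e.g. `/* NOTE: layout depends on HAVE_LIBADNS; the configuration header must precede this file in every translation unit. */`, and a `_Static_assert` on `sizeof(aftab)` in the defining .c file would catch a drift at build time.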
+
/* --- Socket addresses --- *
*
* A magic union of supported socket addresses.
typedef union addr {
struct sockaddr sa;
struct sockaddr_in sin;
+ struct sockaddr_in6 sin6;
} addr;
/* --- Mapping keyed on addresses --- */
unsigned f; /* Flags for the peer */
#define PSF_KXMASK 255u /* Key-exchange flags to set */
#define PSF_MOBILE 256u /* Address may change rapidly */
+#define PSF_EPHEM 512u /* Association is ephemeral */
} peerspec;
typedef struct peer_byname {
peer_byaddr *byaddr; /* Lookup-by-address block */
struct ping *pings; /* Pings we're waiting for */
peerspec spec; /* Specifications for this peer */
+ int afix; /* Index of address family */
tunnel *t; /* Tunnel for local packets */
char *ifname; /* Interface name for tunnel */
keyset *ks; /* List head for keysets */
typedef struct peer_iter { sym_iter i; } peer_iter;
+typedef struct udpsocket {
+ sel_file sf; /* Selector for the socket */
+ unsigned port; /* Chosen port number */
+} udpsocket;
+
typedef struct ping {
struct ping *next, *prev; /* Links to next and previous */
peer *p; /* Peer so we can free it */
typedef struct admin_resop {
admin_bgop bg; /* Background operation header */
char *addr; /* Hostname to be resolved */
+#ifdef HAVE_LIBADNS
+ adns_query q;
+#else
bres_client r; /* Background resolver task */
+#endif
sel_timer t; /* Timer for resolver */
addr sa; /* Socket address */
+ unsigned port; /* Port number chosen */
size_t sasz; /* Socket address size */
void (*func)(struct admin_resop *, int); /* Handler */
} admin_resop;
extern octet buf_i[PKBUFSZ], buf_o[PKBUFSZ], buf_t[PKBUFSZ], buf_u[PKBUFSZ];
extern const tunnel_ops *tunnels[]; /* Table of tunnels (0-term) */
extern const tunnel_ops *tun_default; /* Default tunnel to use */
+extern udpsocket udpsock[NADDRFAM]; /* The master UDP sockets */
extern kdata *master; /* Default private key */
extern const char *tag_priv; /* Default private key tag */
*
* Returns: ---
*
- * Use: Creates a new admin connection.
+ * Use: Creates a new admin connection. It's safe to call this
+ * before @a_init@ -- and, indeed, this makes sense if you also
+ * call @a_switcherr@ to report initialization errors through
+ * the administration machinery.
*/
extern void a_create(int /*fd_in*/, int /*fd_out*/, unsigned /*f*/);
extern void a_daemon(void);
+/* --- @a_listen@ --- *
+ *
+ * Arguments: @const char *name@ = socket name to create
+ * @uid_t u@ = user to own the socket
+ * @gid_t g@ = group to own the socket
+ * @mode_t m@ = permissions to set on the socket
+ *
+ * Returns: ---
+ *
+ * Use: Creates the admin listening socket.
+ */
+
+extern void a_listen(const char */*sock*/,
+ uid_t /*u*/, gid_t /*g*/, mode_t /*m*/);
+
+/* --- @a_switcherr@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Arrange to report warnings, trace messages, etc. to
+ * administration clients rather than the standard-error stream.
+ *
+ * Obviously this makes no sense unless there is at least one
+ * client established. Calling @a_listen@ won't help with this,
+ * because the earliest a new client can connect is during the
+ * first select-loop iteration, which is too late: some initial
+ * client must have been added manually using @a_create@.
+ */
+
+extern void a_switcherr(void);
+
+/* --- @a_signals@ --- *
+ *
+ * Arguments: ---
+ *
+ * Returns: ---
+ *
+ * Use: Establishes handlers for the obvious signals.
+ */
+
+extern void a_signals(void);
+
/* --- @a_init@ --- *
*
* Arguments: @const char *sock@ = socket name to create
* Use: Creates the admin listening socket.
*/
-extern void a_init(const char */*sock*/,
- uid_t /*u*/, gid_t /*g*/, mode_t /*m*/);
+extern void a_init(void);
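Review bot: The documentation block above `a_init` is now stale: the unchanged lines still read `Arguments: @const char *sock@ = socket name to create` and `Use: Creates the admin listening socket.`, but the new prototype takes no arguments and socket creation has moved to `a_listen`, whose own comment says exactly that. The argument line should become `Arguments: ---` and the use line should describe initialization rather than socket creation. Separately, the `a_listen` comment names its first argument `@const char *name@` while the prototype's parameter comment says `/*sock*/`; the two should agree, as they do for every other declaration in this file.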
/*----- Mapping with addresses as keys ------------------------------------*/
extern const addr *p_addr(peer */*p*/);
-/* --- @p_init@ --- *
+/* --- @p_bind@ --- *
*
- * Arguments: @struct in_addr addr@ = address to bind to
- * @unsigned port@ = port number to listen to
+ * Arguments: @struct addrinfo *ailist@ = addresses to bind to
*
* Returns: ---
*
- * Use: Initializes the peer system; creates the socket.
+ * Use: Binds to the main UDP sockets.
*/
-extern void p_init(struct in_addr /*addr*/, unsigned /*port*/);
+extern void p_bind(struct addrinfo */*ailist*/);
-/* --- @p_port@ --- *
+/* --- @p_init@ --- *
*
* Arguments: ---
*
- * Returns: Port number used for socket.
+ * Returns: ---
+ *
+ * Use: Initializes the peer system.
*/
-unsigned p_port(void);
+extern void p_init(void);
/* --- @p_create@ --- *
*
/* --- @p_destroy@ --- *
*
* Arguments: @peer *p@ = pointer to a peer
+ * @int bye@ = say goodbye to the peer?
*
* Returns: ---
*
* Use: Destroys a peer.
*/
-extern void p_destroy(peer */*p*/);
+extern void p_destroy(peer */*p*/, int /*bye*/);
/* --- @FOREACH_PEER@ --- *
*
extern int mystrieq(const char */*x*/, const char */*y*/);
+/* --- @afix@ --- *
+ *
+ * Arguments: @int af@ = an address family code
+ *
+ * Returns: The index of the address family's record in @aftab@, or @-1@.
+ */
+
+extern int afix(int af);
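Review bot: The `afix` prototype breaks the file's convention of writing parameter names as comments in declarations (`extern socklen_t addrsz(const addr */*a*/);` is the pattern used everywhere else); it should read `extern int afix(int /*af*/);`. The function also shares its name with the new `int afix;` member of the peer structure added further up, which is legal since struct members live in their own namespace, but it makes `p->afix` and `afix(af)` easy to confuse when reading call sites. A one-line note on the member, e.g. `/* Index into @aftab@; see @afix@ */`, would make the relationship explicit.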
+
/* --- @addrsz@ --- *
*
* Arguments: @const addr *a@ = a network address
extern socklen_t addrsz(const addr */*a*/);
+/* --- @getport@, @setport@ --- *
+ *
+ * Arguments: @addr *a@ = a network address
+ * @unsigned port@ = port number to set
+ *
+ * Returns: ---
+ *
+ * Use: Retrieves or sets the port number in an address structure.
+ */
+
+extern unsigned getport(addr */*a*/);
+extern void setport(addr */*a*/, unsigned /*port*/);
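Review bot: `getport` is declared with a non-const `addr *` even though its documented purpose is only to retrieve the port, so it cannot be called on a `const addr` such as the one returned by `p_addr` without a cast; `addrsz` just above already takes `const addr *`, so the declaration should be `extern unsigned getport(const addr */*a*/);`, with the definition adjusted to match. The shared comment also says `Returns: ---`, which is wrong for `getport`; something like `Returns: @getport@ returns the port number; @setport@ returns nothing.` would be accurate. The comment does not say how either function behaves for an address family other than the two the union now covers, which a caller would want to know.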
+
/* --- @seq_reset@ --- *
*
* Arguments: @seqwin *s@ = sequence-checking window