/***********************************************************************
 * copyright (c) 2005 Bernd Schloer, Christian Dickmann
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 *
 * -------------------------------------------------------------------
 * project: NSIS-Project
 * author : Bernd Schloer
 * author : Christian Dickmann
 ***********************************************************************/

// NOTE(review): this copy of the file appears to have lost every piece of
// text that sat between angle brackets (two header names, the std::vector
// template arguments, and a stretch of code inside parseConfigFileLine).
// Those places are left exactly as found and are marked where they occur.

#include "NsisConfiguration.h"
#include "DebugLogger.h"
#include "ConfigFileReader.h"
#include "GistException.h"
#include "constants.h"
#include "config/LocalIPAddresses.h"
#include "config/LocalIPV6Routes.h"
#include "config/LocalIPV4Routes.h"
// NOTE(review): header names missing on the next two lines (see note above).
#include
#include
#include "config_wrapper.h"

// Clears the four local-address array pointers. All configuration state in
// this class is static (see the definitions at the end of the file), so this
// constructor only touches those shared pointers.
NsisConfiguration::NsisConfiguration() {
    general_localIPv4s = 0;
    general_localIPv4Nets = 0;
    general_localIPv6s = 0;
    general_localIPv6Nets = 0;
}

// Nothing is released here; the arrays are freed in resetValues() and
// readIPRoutingTable().
NsisConfiguration::~NsisConfiguration() {
}

// Prints the daemon version and which optional features / NSLPs were
// compiled in, driven purely by preprocessor symbols.
void NsisConfiguration::printCompilationInformation() {
    printf("NSIS daemon v%s\n", NSIS_VERSION);
    printf("\n");
    printf("Build with following features:\n");
    printf("IPv6 support \t\t\t");
#ifdef PROPER_IPV6_SUPPORT
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("Basic SCTP support\t\t");
#ifdef SCTP_SUPPORT
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("Extended SCTP support\t\t");
#ifdef SCTP_HEADER_FOUND
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("OpenSSL support\t\t\t");
#ifdef OPENSSL_FOUND
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("\n");
    printf("Build with following NSLPs:\n");
    printf("Diagnostics NSLP\t\t");
#ifdef BUILD_DIAG
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("NAT/FW NSLP\t\t\t");
#ifdef BUILD_NATFW
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("QoS NSLP\t\t\t");
#ifdef BUILD_QOS
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("Ping tool\t\t\t");
#ifdef BUILD_PING
    printf("yes\n");
#else
    printf("no\n");
#endif
    printf("\n");
    printf("Misc:\n");
    printf("Endian:\t\t\t\t");
    // If BYTE_ORDER matches neither constant, the "Endian:" line is left
    // without a value or newline.
#if BYTE_ORDER == LITTLE_ENDIAN
    printf("Little\n");
#endif
#if BYTE_ORDER == BIG_ENDIAN
    printf("Big\n");
#endif
    printf("Use XORP:\t\t\t");
#ifdef USE_XORP
    printf("yes\n");
#else
    printf("no\n");
#endif
}

// Prints the command-line help. progName is echoed into the usage and
// example lines.
//
// The help lists only -ping, -qos, --useEmbeddedPingDaemon, -debug and
// -timer. parseCommandLineParameters() accepts more options than that
// (-c, -log, -tlsdir, -sctprto, -sctppath, -i, -natfw, -diag, -interfaces,
// --read-routing-table, --short-path, -h/--help).
// NOTE(review): the "-debug" and "-timer" lines look as if an argument
// placeholder was dropped from the text; the strings are kept as found.
void NsisConfiguration::printUsage(char * progName) {
    printf("Usage: %s [NSLPs] [OPTIONS]\n", progName);
    printf("\nNSLPs:\n");
    printf("-ping\t\t\tStart Ping NSLP together with GIST\n");
    printf("-qos\t\t\tStart QoS NSLP together with GIST\n");
    printf("--useEmbeddedPingDaemon\tEnable embedded Ping NSLP (only for receiving/forwarding Pings, no IPv6)\n");
    printf("\nOptions:\n");
    printf("-debug \t\tSet debug level (5 only errors - 1 everything) (default = 4)\n");
    printf("-timer \t\tSet refresh timer to msecs\n");
    printf("\nExamples:\n");
    printf("Start NSIS with Ping NSLP. Enable some debug output.\n");
    printf("\t%s -ping -debug 3\n", progName);
    printf("Start NSIS without any NSLP. Only show errors.\n");
    printf("\t%s -debug 5\n", progName);
    printf("\nPlease note: You need a configuration file to configure the local IP addresses!\n");
}

// Loads the configuration file and then applies command-line options on top.
//
// Pass 1 scans argv for "-c <file>". Then a config file is read: the
// user-specified one if given, otherwise (or if it cannot be loaded)
// "nsis.conf", then "bin/nsis.conf". Pass 2 applies every other option, so
// command-line values override what the file set. Finally the routing table
// is read when general_readRoutingTable is set.
//
// Numeric options are converted with atoi() and not range-checked, apart
// from the 0..5 clamp on -debug.
void NsisConfiguration::parseCommandLineParameters(int argc, char * argv[]) {
    // Look if the user specified a custom config file location
    int offset = 1;
    char * userSpecifiedConfigFile = 0;
    while (argc - offset > 0) {
        if (strcmp(argv[offset], "-c") == 0 && argc - offset > 1) {
            userSpecifiedConfigFile = argv[offset+1];
            offset += 2;
            DebugLogger::print(4, "Using config file %s\n", userSpecifiedConfigFile);
            continue;
        };
        offset ++;
    }

    // Read config file
    // A user-specified file that fails to load is skipped without any
    // message (lastTry is false), and the fallbacks are relative paths, so
    // they resolve against the process's current working directory. An
    // operator can therefore end up running with a different file than the
    // one named with -c and not be told.
    if (userSpecifiedConfigFile == 0 || readConfigFromFile(userSpecifiedConfigFile, false) == 0) {
        if (readConfigFromFile("nsis.conf", false) == 0) {
            readConfigFromFile("bin/nsis.conf", true);
        }
    }

    // Read command line arguments
    offset = 1;
    while (argc - offset > 0) {
        // "-c" was handled in the first pass; skip it and its argument.
        if (strcmp(argv[offset], "-c") == 0 && argc - offset > 1) {
            offset += 2;
            continue;
        };
        if (strcmp(argv[offset], "--read-routing-table") == 0) {
            general_readRoutingTable = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-log") == 0 && argc - offset > 1) {
            DebugLogger::filename = argv[offset+1];
            // Opening with "w" truncates (or creates) the log file.
            // The fopen() result is not checked: if the path cannot be
            // opened, fclose() is called with a null pointer, which is
            // undefined behaviour. A null check before fclose() is needed.
            FILE * file = fopen(DebugLogger::filename, "w");
            fclose(file);
            offset += 2;
            continue;
        };
        if (strcmp(argv[offset], "-tlsdir") == 0 && argc - offset > 1) {
            tls_certdir = argv[offset+1];
            // NOTE(review): these two lines look copied from the "-log"
            // branch. They truncate the *log* file (DebugLogger::filename),
            // not anything under the TLS directory, and carry the same
            // unchecked fopen()/fclose() pair. What DebugLogger::filename
            // holds when -log was not given is not visible here - confirm.
            FILE * file = fopen(DebugLogger::filename, "w");
            fclose(file);
            offset += 2;
            continue;
        };
        if (strcmp(argv[offset], "-timer") == 0 && argc - offset > 1) {
            // atoi() result goes into an unsigned int and from there into
            // int members; negative, non-numeric or very large input is not
            // rejected, and "timerValue * 3 + 10000" can wrap.
            unsigned int timerValue = atoi(argv[offset+1]);
            gist_timeout_refreshinterval = timerValue;
            gist_timeout_queryingnodestateexpiration = timerValue * 3 + 10000;
            gist_timeout_respondingnodestateexpiration = timerValue * 3 + 10000;
            offset += 2;
            DebugLogger::print(4, "Setting next_query_timer to %u\n", timerValue);
            continue;
        };
        if (strcmp(argv[offset], "-debug") == 0 && argc - offset > 1) {
            DebugLogger::debugLevel = atoi(argv[offset+1]);
            // Anything outside 0..5 falls back to level 4.
            if (DebugLogger::debugLevel > 5 || DebugLogger::debugLevel < 0) {
                DebugLogger::debugLevel = 4;
            };
            offset += 2;
            DebugLogger::print(4, "Setting Debug Level to %u\n", DebugLogger::debugLevel);
            continue;
        }
        // "-sctprto <min> <init> <max>": values stored unvalidated.
        if (strcmp(argv[offset], "-sctprto") == 0 && argc - offset > 3) {
            sctp_minRTO = atoi(argv[offset+1]);
            sctp_initRTO = atoi(argv[offset+2]);
            sctp_maxRTO = atoi(argv[offset+3]);
            offset += 4;
            continue;
        }
        // "-sctppath <maxRetransmissions> <heartbeatInterval>": unvalidated.
        if (strcmp(argv[offset], "-sctppath") == 0 && argc - offset > 2) {
            sctp_maxRetransmissionCounter = atoi(argv[offset+1]);
            sctp_heartbeatInterval = atoi(argv[offset+2]);
            offset += 3;
            continue;
        }
        if (strcmp(argv[offset], "-i") == 0) {
            printCompilationInformation();
            exit(0);
            // The two statements below are not reached after exit(0).
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-ping") == 0) {
            startup_startPing = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-qos") == 0) {
            startup_startQos = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-natfw") == 0) {
            startup_startNatFw = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-diag") == 0) {
            startup_startDiag = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "-interfaces") == 0 && argc - offset > 1) {
            general_interfaces = ConfigFileReader::getInterfaces(argv[offset + 1]);
            // NOTE(review): template argument of std::vector missing on this page.
            for (std::vector::iterator iter = general_interfaces.begin(); iter != general_interfaces.end(); iter++) {
                DebugLogger::print(4, "BSD: Listening on interface %s\n", *iter);
            }
            offset += 2;
            continue;
        };
        if (strcmp(argv[offset], "-h") == 0 || strcmp(argv[offset], "--help") == 0) {
            printUsage(argv[0]);
            exit(0);
            // Not reached after exit(0).
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "--short-path") == 0) {
            general_shortPath = true;
            offset += 1;
            continue;
        };
        if (strcmp(argv[offset], "--useEmbeddedPingDaemon") == 0) {
            general_useEmbeddedPingDaemon = true;
            offset += 1;
            continue;
        };
        // Unknown arguments are logged and skipped, not treated as an error.
        DebugLogger::print(5, "unkown command '%s'\n", argv[offset]);
        offset++;
    }
    // resetValues() defaults general_readRoutingTable to true, so unless the
    // config file turns it off the addresses read from the file are replaced
    // here by the routing-table contents.
    if (general_readRoutingTable) {
        readIPRoutingTable();
    }
}

// Resets all settings to their defaults, then loads `filename` and feeds
// every (command, value) pair to parseConfigFileLine().
//
// Returns 0 if the file could not be loaded (the error is printed only when
// lastTry is true), 1 after the whole file was processed.
//
// Exceptions thrown by parseConfigFileLine() are not caught here, so they
// propagate to the caller without confReader.closeFile() being called.
// NOTE(review): the caught GistException pointer is never deleted; if
// loadFile() throws with `new` (as this file does), it leaks - confirm.
int NsisConfiguration::readConfigFromFile(char * filename, bool lastTry) {
    resetValues();
    ConfigFileReader confReader;
    // Both buffers are handed to readNextCommand() together with their size.
    char cmd[100];
    char value[100];
    try {
        confReader.loadFile(filename);
    } catch (GistException * ex) {
        if (lastTry) {
            ex->print();
        }
        return 0;
    };
    while (confReader.readNextCommand(cmd, 100, value, 100)) {
        parseConfigFileLine(cmd, value);
    }
    confReader.closeFile();
    return 1;
}

// Applies one configuration-file entry (`cmd` = key, `value` = text value)
// to the static settings. Boolean keys go through
// ConfigFileReader::getBooleanAnswer(); a failure there is re-thrown as a
// new GistException naming the key.
//
// Points a maintainer should know:
//  * In every "catch (GistException * ex) { throw new ... }" block the
//    caught pointer is dropped without delete. NOTE(review): leaks if the
//    callee allocates the exception with `new` - confirm.
//  * Numeric values use atoi(), which does not throw; the try/catch around
//    the timeout keys therefore never fires and malformed text becomes 0.
//  * Indexed keys ("IPv4[n]...", "IPv6[n]...", "natfw.resources.IPv4[n]...")
//    are matched by looping up to the current entry count, so they are only
//    recognised after the matching ".entries" line has been read.
//  * The tail of this function is missing on this page (see the note at the
//    ".ports" key), so its handling of unknown keys cannot be described.
void NsisConfiguration::parseConfigFileLine(char * cmd, char * value) {
    if (strcmp(cmd, "readRoutingTable") == 0) {
        try {
            general_readRoutingTable = ConfigFileReader::getBooleanAnswer(value);
        } catch (GistException * ex) {
            throw new GistException("readRoutingTable has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "colorizedLog") == 0) {
        try {
            DebugLogger::colorizedLog = ConfigFileReader::getBooleanAnswer(value);
        } catch (GistException * ex) {
            throw new GistException("colorizedLog has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "bsd.interfaces") == 0) {
        try {
            general_interfaces = ConfigFileReader::getInterfaces(value);
            // NOTE(review): template argument of std::vector missing on this page.
            for (std::vector::iterator iter = general_interfaces.begin(); iter != general_interfaces.end(); iter++) {
                DebugLogger::print(4, "BSD: Listening on interface %s\n", *iter);
            }
        } catch (GistException * ex) {
            throw new GistException("bsd.interfaces has invalid value.");
        }
        return;
    }

    // Check for NSLPs that should be started together with GIST
    if (strcmp(cmd, "nslp.startPing") == 0) {
        try {
            bool start = ConfigFileReader::getBooleanAnswer(value);
            startup_startPing = start;
        } catch (GistException * ex) {
            throw new GistException("nslp.startPing has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "nslp.startQoS") == 0) {
        try {
            bool start = ConfigFileReader::getBooleanAnswer(value);
            startup_startQos = start;
        } catch (GistException * ex) {
            throw new GistException("nslp.startQoS has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "nslp.startNatFw") == 0) {
        try {
            bool start = ConfigFileReader::getBooleanAnswer(value);
            startup_startNatFw = start;
        } catch (GistException * ex) {
            throw new GistException("nslp.startNatFw has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "nslp.startDiag") == 0) {
        try {
            bool start = ConfigFileReader::getBooleanAnswer(value);
            startup_startDiag = start;
        } catch (GistException * ex) {
            throw new GistException("nslp.startDiag has invalid value.");
        }
        return;
    }

    // Check the GIST configuration
    if (strcmp(cmd, "gist.useSCTP") == 0) {
        try {
            bool useSCTP = ConfigFileReader::getBooleanAnswer(value);
            gist_useSCTP = useSCTP;
        } catch (GistException * ex) {
            throw new GistException("gist.useSCTP has invalid value.");
        }
        // Built without SCTP: refuse "yes" instead of silently ignoring it.
#ifndef SCTP_SUPPORT
        if (gist_useSCTP == true ) {
            gist_useSCTP = false;
            throw new GistException("No SCTP support detected (see \"nsis -i\"). gist.useSCTP has to be set to \"no\"");
        }
#endif
        return;
    }
    if (strcmp(cmd, "gist.offerTLS") == 0) {
        try {
            bool offerTLS = ConfigFileReader::getBooleanAnswer(value);
            gist_offerTLS = offerTLS;
            if (offerTLS) {
                DebugLogger::print(4, "GIST is now configured to offer TLS as transport\n");
            }
        } catch (GistException * ex) {
            throw new GistException("gist.offerTLS has invalid value.");
        }
        // Built without OpenSSL: offering TLS is rejected with an error, so
        // the daemon does not quietly run without the transport security the
        // operator asked for.
#ifndef OPENSSL_FOUND
        if (gist_offerTLS == true ) {
            gist_offerTLS = false;
            throw new GistException("No OPENSSL support detected (see \"nsis -i\"). gist.offerTLS has to be set to \"no\"");
        }
#endif
        return;
    }
    if (strcmp(cmd, "gist.offerSCTP") == 0) {
        try {
            bool offerSCTP = ConfigFileReader::getBooleanAnswer(value);
            gist_offerSCTP = offerSCTP;
            if (offerSCTP) {
                DebugLogger::print(4, "GIST is now configured to offer SCTP as transport\n");
            }
        } catch (GistException * ex) {
            throw new GistException("gist.offerSCTP has invalid value.");
        }
#ifndef SCTP_SUPPORT
        if (gist_offerSCTP == true ) {
            gist_offerSCTP = false;
            throw new GistException("No SCTP support detected (see \"nsis -i\"). gist.offerSCTP has to be set to \"no\"");
        }
#endif
        return;
    }
    if (strcmp(cmd, "gist.acceptExplicitMessages") == 0) {
        try {
            bool acceptExplicitMessages = ConfigFileReader::getBooleanAnswer(value);
            general_acceptExplicitMessages = acceptExplicitMessages;
        } catch (GistException * ex) {
            throw new GistException("gist.acceptExplicitMessages has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "gist.acceptStatelessGistMessage") == 0) {
        try {
            bool acceptStatelessGistMessage = ConfigFileReader::getBooleanAnswer(value);
            general_acceptStatelessGistMessage = acceptStatelessGistMessage;
        } catch (GistException * ex) {
            // The message names "gist.general_acceptStatelessGistMessage",
            // which is not the key the user wrote.
            throw new GistException("gist.general_acceptStatelessGistMessage has invalid value.");
        }
        return;
    }

    // Timeout values
    // atoi() never throws, so each catch block below is dead code; negative
    // or non-numeric text is stored as-is (non-numeric becomes 0).
    if (strcmp(cmd, "gist.timeout.waitForInitialResponse") == 0) {
        try {
            int timeout = atoi(value);
            gist_timeout_waitforinitialresponse = timeout;
        } catch (GistException * ex) {
            throw new GistException("gist.timeout.waitForInitialResponse has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "gist.timeout.waitForConfirm") == 0) {
        try {
            int timeout = atoi(value);
            gist_timout_waitforconfirm = timeout;
        } catch (GistException * ex) {
            throw new GistException("gist.timeout.waitForConfirm has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "gist.timeout.refreshInterval") == 0) {
        try {
            int timeout = atoi(value);
            gist_timeout_refreshinterval = timeout;
        } catch (GistException * ex) {
            throw new GistException("gist.timeout.refreshInterval has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "gist.timeout.queryingNodeStateExpiration") == 0) {
        try {
            int timeout = atoi(value);
            gist_timeout_queryingnodestateexpiration = timeout;
        } catch (GistException * ex) {
            throw new GistException("gist.timeout.queryingNodeStateExpiration has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "gist.timeout.respondingNodeStateExpiration") == 0) {
        try {
            int timeout = atoi(value);
            gist_timeout_respondingnodestateexpiration = timeout;
        } catch (GistException * ex) {
            throw new GistException("gist.timeout.respondingNodeStateExpiration has invalid value.");
        }
        return;
    }

    // IPv4 and IPv6 address/routing configuration
    if (strcmp(cmd, "IPv4.entries") == 0) {
        // The count from the file reaches new[] unchecked (negative or very
        // large values included), and arrays from an earlier "IPv4.entries"
        // line in the same file are not freed before being replaced.
        general_localIPv4count = atoi(value);
        general_localIPv4s = new IPaddr[general_localIPv4count];
        general_localIPv4Nets = new NsisConfiguration_IPv4_Net[general_localIPv4count];
        for (int i = 0; i < general_localIPv4count; i++) {
            memset(&general_localIPv4s[i], 0, sizeof(IPaddr));
            // net and mask start at 0. An entry whose ".net"/".mask" lines
            // are missing keeps mask 0, and the "(x & mask) == (net & mask)"
            // tests used later then match every address.
            memset(&general_localIPv4Nets[i], 0, sizeof(NsisConfiguration_IPv4_Net));
            general_localIPv4s[i].v4 = INADDR_NONE;
            general_localIPv4Nets[i].isPrivate = false;
        };
        return;
    }
    if (strcmp(cmd, "IPv6.entries") == 0) {
        // Same unchecked count / no-free-before-replace pattern as above.
        general_localIPv6count = atoi(value);
        general_localIPv6s = new IPaddr[general_localIPv6count];
        general_localIPv6Nets = new NsisConfiguration_IPv6_Net[general_localIPv6count];
        for (int i = 0; i < general_localIPv6count; i++) {
            memset(&general_localIPv6s[i], 0, sizeof(IPaddr));
            memset(&general_localIPv6Nets[i], 0, sizeof(NsisConfiguration_IPv6_Net));
            general_localIPv6s[i].v4 = INADDR_NONE;
        };
        return;
    }
    for (int i = 0; i < general_localIPv4count; i++) {
        // Scratch buffer for the expected key name; the fixed patterns below
        // plus a formatted int stay well under 100 bytes.
        char tmp[100];
        sprintf(tmp, "IPv4[%d].addr", i);
        if (strcmp(cmd, tmp) == 0) {
            general_localIPv4s[i].version = 4;
            // inet_addr() returns INADDR_NONE for text it cannot parse; the
            // result is stored without a check.
            general_localIPv4s[i].v4 = inet_addr(value);
            DebugLogger::print(4, "Configuration: Using %s as local IPv4 address\n", value);
            return;
        }
        sprintf(tmp, "IPv4[%d].net", i);
        if (strcmp(cmd, tmp) == 0) {
            general_localIPv4Nets[i].net = inet_addr(value);
            return;
        }
        sprintf(tmp, "IPv4[%d].mask", i);
        if (strcmp(cmd, tmp) == 0) {
            // The prefix length is truncated to 0..255 and never compared
            // with 32; "1 << j" is an int shift, so a value above 31 shifts
            // by the width of int or more, which is undefined behaviour.
            // NOTE(review): bits are filled from the least-significant end;
            // for prefix lengths that are not a multiple of 8 this probably
            // does not equal a network-byte-order netmask - confirm.
            unsigned char mask = atoi(value);
            general_localIPv4Nets[i].mask = 0;
            for (int j = 0; j < mask; j++) {
                general_localIPv4Nets[i].mask = general_localIPv4Nets[i].mask | (1 << j);
            }
            return;
        }
        sprintf(tmp, "IPv4[%d].natfw.useAsExternalAddress", i);
        if (strcmp(cmd, tmp) == 0) {
            bool isExternal = false;
            try {
                isExternal = ConfigFileReader::getBooleanAnswer(value);
            } catch (GistException * ex) {
                throw new GistException("IPv4[x].natfw.useAsExternalAddress has invalid value.");
            }
            if (isExternal) {
                // -1 means "not set yet" (see resetValues()).
                if (natfw_externalAddress != -1) {
                    throw new GistException("Only one address can be the external address for NatFW");
                }
                // Stored as an index into general_localIPv4s.
                // NOTE(review): readIPRoutingTable() later replaces that
                // array, after which this index refers to a routing-table
                // entry instead of the configured one - check how
                // natfw_externalAddress is consumed.
                natfw_externalAddress = i;
            }
            return;
        }
        sprintf(tmp, "IPv4[%d].natfw.isPrivateNet", i);
        if (strcmp(cmd, tmp) == 0) {
            bool isPrivate = false;
            try {
                isPrivate = ConfigFileReader::getBooleanAnswer(value);
                general_localIPv4Nets[i].isPrivate = isPrivate;
            } catch (GistException * ex) {
                throw new GistException("IPv4[x].natfw.isPrivateNet has invalid value.");
            }
            return;
        }
    };
    for (int i = 0; i < general_localIPv6count; i++) {
        char tmp[100];
        sprintf(tmp, "IPv6[%d].addr", i);
        if (strcmp(cmd, tmp) == 0) {
            general_localIPv6s[i].version = 6;
            general_localIPv6s[i].v6present = true;
            // The inet_pton() result is ignored: unparsable text still
            // leaves the entry marked as a present IPv6 address.
            inet_pton(AF_INET6, value, &general_localIPv6s[i].v6);
            DebugLogger::print(4, "Configuration: Using %s as local IPv6 address\n", value);
            return;
        }
        sprintf(tmp, "IPv6[%d].net", i);
        if (strcmp(cmd, tmp) == 0) {
            inet_pton(AF_INET6, value, &general_localIPv6Nets[i].net);
            return;
        }
        sprintf(tmp, "IPv6[%d].mask", i);
        if (strcmp(cmd, tmp) == 0) {
            // Prefix length from the file, truncated to 0..255 and not
            // compared with 128. Only 16 mask bytes are cleared below; for
            // any value above 128 the loops advance j to 16 or beyond and
            // write past those 16 bytes. A "mask > 128" rejection is needed.
            unsigned char mask = atoi(value);
            unsigned char j = 0;
            memset(general_localIPv6Nets[i].mask, 0, 16);
            // Whole bytes first ...
            while (mask > 8) {
                general_localIPv6Nets[i].mask[j] = 0xff;
                mask -= 8;
                j++;
            }
            // ... then the remaining 1..8 bits, filled from the low end.
            for (int t = 0; t < mask; t++) {
                general_localIPv6Nets[i].mask[j] = general_localIPv6Nets[i].mask[j] | (1 << t);
            }
            return;
        }
    };

    /* NAT/Firewall configuration
     * example:
     *
     * natfw.isNAT = yes
     * natfw.isFW = no
     * natfw.resources.IPv4.entries = 2
     * natfw.resources.IPv4[0].addr = 80.190.191.60
     * natfw.resources.IPv4[0].ports = 2000-3000
     * natfw.resources.IPv4[1].addr = 80.190.191.61
     * natfw.resources.IPv4[1].ports = 2000-3000
     *
     * This adds two IPv4 addresses to the list of resources consisting of
     * two entries. The allocatable port ranges are identical for both entries.
     * The router acts only as a NAT, not a firewall.
     */
    if (strcmp(cmd, "natfw.isFW") == 0) {
        try {
            bool isFW = ConfigFileReader::getBooleanAnswer(value);
            natfw_isFW = isFW;
        } catch (GistException * ex) {
            throw new GistException("natfw.isFW has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "natfw.isNAT") == 0) {
        try {
            bool isNat = ConfigFileReader::getBooleanAnswer(value);
            natfw_isNat = isNat;
        } catch (GistException * ex) {
            throw new GistException("natfw.isNAT has invalid value.");
        }
        return;
    }
    if (strcmp(cmd, "natfw.resources.IPv4.entries") == 0) {
        // Unchecked count into new[], as for "IPv4.entries".
        natfw_reservableIPv4count = atoi(value);
        natfw_reservableIPv4s = new IPaddr[natfw_reservableIPv4count];
        for (int i = 0; i < natfw_reservableIPv4count; i++) {
            memset(&natfw_reservableIPv4s[i], 0, sizeof(IPaddr));
            natfw_reservableIPv4s[i].v4 = INADDR_NONE;
        };
        return;
    }
    for (int i = 0; i < natfw_reservableIPv4count; i++) {
        char tmp[100];
        sprintf(tmp, "natfw.resources.IPv4[%d].addr", i);
        if (strcmp(cmd, tmp) == 0) {
            natfw_reservableIPv4s[i].version = 4;
            natfw_reservableIPv4s[i].v4 = inet_addr(value);
            NatFwDebugLogger::print(DEBUG_INFO, "Adding %s to the list of reservable resources\n", value);
            return;
        }
        sprintf(tmp, "natfw.resources.IPv4[%d].ports", i);
        if (strcmp(cmd, tmp) == 0) {
            char from[6], to[6];
            int middle = 0;
            // NOTE(review): the text of this page breaks off inside the next
            // statement. The rest of the port-range parsing, the end of
            // parseConfigFileLine() and the head of
            // findOutgoingLocalAddress() are not visible; the line is kept
            // exactly as found. Two things to check in the real file: that
            // copies into the 6-byte from/to buffers are bounded by the
            // length of `value`, and that the parsed ports fit the `short`
            // natfw_reservablePortsStart/End members (ports above 32767 do
            // not fit a signed 16-bit value).
            for(unsigned int j=0;j 0) {

    // --- From here on the code belongs to findOutgoingLocalAddress() ---
    // Visible part: pick the local address whose configured network contains
    // destIP. There is no break, so when several networks match, the last
    // matching entry wins. An entry with mask 0 matches every destination.
    for (int i = 0; i < NsisConfiguration::general_localIPv4count; i++) {
        unsigned int mask = NsisConfiguration::general_localIPv4Nets[i].mask;
        unsigned int tmpAddr = NsisConfiguration::general_localIPv4Nets[i].net;
        if ((destIP.v4 & mask) == (tmpAddr & mask)) {
            addr = NsisConfiguration::general_localIPv4s[i];
        }
    }
    }
    if (version == 6 && destIP.version == 6 && NsisConfiguration::general_localIPv6count > 0) {
        for (int i = 0; i < NsisConfiguration::general_localIPv6count; i++) {
            unsigned char * mask = NsisConfiguration::general_localIPv6Nets[i].mask;
            unsigned char * tmpAddr = NsisConfiguration::general_localIPv6Nets[i].net;
            // Byte-wise masked comparison over all 16 address bytes.
            bool equal = true;
            for (int j = 0; j < 16; j++) {
                if ((destIP.v6[j] & mask[j]) != (tmpAddr[j] & mask[j])) {
                    equal = false;
                    break;
                };
            };
            if (equal) {
                addr = NsisConfiguration::general_localIPv6s[i];
            }
        }
    }
    // version 0 is used here as "nothing matched".
    if (addr.version == 0) {
        // Static buffer: the message is overwritten by the next failure, so
        // this path is not safe to run from two threads at once.
        // NOTE(review): sprintf() is unbounded; the fixed text is far below
        // 500 bytes, but the length of IPaddr::printIP()'s result is not
        // visible here. Whether GistException copies the string is also not
        // visible - confirm.
        static char errMsg[500];
        sprintf(errMsg, "findOutgoingLocalAddress failed: No local address was found for this destination address (%s). Please check your configuration", IPaddr::printIP(destIP));
        throw new GistException(errMsg);
    }
    return addr;
}

// Returns true when this node is a router (see isRouter()) and its local
// IPv4 addresses include at least one private and one non-private network.
//
// Only IPv4 is examined: for ipVersion 6 the result is always false.
// isNetworkPrivate() can throw a GistException*, which propagates.
bool NsisConfiguration::isEdgeRouter(int ipVersion) {
    if (!isRouter(ipVersion)) {
        return false;
    }
    bool privateFound = false;
    bool publicFound = false;
    if (ipVersion == 4) {
        for (int i = 0; i < NsisConfiguration::general_localIPv4count; i++) {
            if (NsisConfiguration::isNetworkPrivate(4, NsisConfiguration::general_localIPv4s[i])) {
                privateFound = true;
            } else {
                publicFound = true;
            }
        }
    }
    if (privateFound && publicFound) {
        return true;
    }
    return false;
}

// Returns true once the scan over the local addresses of the given IP
// version has seen two entries that each differ from the previously
// remembered one; false otherwise (including for any other ipVersion).
//
// NOTE(review): the comparison relies on IPaddr's operator!=, and the first
// entry is compared against a default-constructed IPaddr with only
// `version` set to 0 - what else that operator compares is not visible here.
bool NsisConfiguration::isRouter(int ipVersion) {
    IPaddr addr;
    addr.version = 0;
    int found = 0;
    if (ipVersion == 4) {
        for (int i = 0; i < NsisConfiguration::general_localIPv4count; i++) {
            if (general_localIPv4s[i] != addr) {
                addr = general_localIPv4s[i];
                found++;
            }
            if (found >= 2) {
                return true;
            }
        }
    }
    if (ipVersion == 6) {
        for (int i = 0; i < NsisConfiguration::general_localIPv6count; i++) {
            if (general_localIPv6s[i] != addr) {
                addr = general_localIPv6s[i];
                found++;
            }
            if (found >= 2) {
                return true;
            }
        }
    }
    return false;
}

// Decides whether `addr` lies in a private network.
//
// IPv4 with at least one configured network: the isPrivate flag of the last
// configured network that contains the address is returned. If none
// contains it, the address is compared with the 192.168.0.0, 172.16.0.0 and
// 10.0.0.0 ranges.
// In every other case (version 6, mismatching versions, or no IPv4 network
// configured) a GistException* is thrown - the fallback ranges are not
// consulted then.
//
// Things to be aware of when this result feeds a NAT/firewall decision:
//  * A configured network with mask 0 contains every address, so its
//    isPrivate flag would be returned for everything.
//  * After readIPRoutingTable() all isPrivate flags are false, so any
//    address covered by a route is reported as not private.
bool NsisConfiguration::isNetworkPrivate(int version, IPaddr addr) {
    bool found = false;
    bool isPrivate = false;
    if (version == 4 && addr.version == 4 && NsisConfiguration::general_localIPv4count > 0) {
        for (int i = 0; i < NsisConfiguration::general_localIPv4count; i++) {
            unsigned int mask = NsisConfiguration::general_localIPv4Nets[i].mask;
            unsigned int tmpAddr = NsisConfiguration::general_localIPv4Nets[i].net;
            if ((addr.v4 & mask) == (tmpAddr & mask)) {
                found = true;
                isPrivate = NsisConfiguration::general_localIPv4Nets[i].isPrivate;
            }
        }
        if (!found) {
            // addr is a by-value copy, so masking it in place is local. The
            // masks are applied cumulatively (each narrows the previous).
            // NOTE(review): the constants only line up with a
            // network-byte-order address on a little-endian host, and
            // 0x00000fff does not correspond to a /12 netmask (255.240.0.0
            // would be 0x0000f0ff in that layout). As written the
            // 172.16.0.0 comparison appears never to succeed, so addresses
            // in that range would be reported as public - confirm and fix.
            IPaddr priv;
            inet_pton(AF_INET, "192.168.0.0", &priv.v4);
            addr.v4 = addr.v4 & 0x0000ffff;
            if (memcmp(&addr.v4, &priv.v4, 4) == 0) {
                return true;
            }
            inet_pton(AF_INET, "172.16.0.0", &priv.v4);
            addr.v4 = addr.v4 & 0x00000fff;
            if (memcmp(&addr.v4, &priv.v4, 4) == 0) {
                return true;
            }
            inet_pton(AF_INET, "10.0.0.0", &priv.v4);
            addr.v4 = addr.v4 & 0x000000ff;
            if (memcmp(&addr.v4, &priv.v4, 4) == 0) {
                return true;
            }
            return false;
        }
    }
    // Disabled IPv6 branch, kept from the original source:
    /*
    if (version == 6 && destIP.version == 6 && NsisConfiguration::general_localIPv6count > 0) {
        for (int i = 0; i < NsisConfiguration::general_localIPv6count; i++) {
            unsigned char * mask = NsisConfiguration::general_localIPv6Nets[i].mask;
            unsigned char * tmpAddr = NsisConfiguration::general_localIPv6Nets[i].net;
            bool equal = true;
            for (int j = 0; j < 16; j++) {
                if ((destIP.v6[j] & mask[j]) != (tmpAddr[j] & mask[j])) {
                    equal = false;
                    break;
                };
            };
            if (equal) {
                addr = NsisConfiguration::general_localIPv6s[i];
            }
        }
    }
    */
    if (!found) {
        throw new GistException("isNetworkPrivate failed: No network was found matching the provided address. Please check your configuration");
    }
    return isPrivate;
}

// Replaces the local address / network arrays with entries derived from the
// system routing tables: one entry per route, in reverse route order, using
// the address of the interface the route points at.
//
// Everything the config file set for local IPv4/IPv6 addresses, networks and
// isPrivate flags is discarded here.
void NsisConfiguration::readIPRoutingTable() {
    DebugLogger::print(4, "Reading IP Routing Table (overwrites nsis.conf IP addresses)\n");
    LocalIPAddresses interfaceAddrList;
    LocalIPV4Routes v4Routes;
    LocalIPV6Routes v6Routes;
    // These arrays are allocated with new[] everywhere in this file;
    // releasing them with plain `delete` is undefined behaviour and should
    // be `delete[]`.
    delete general_localIPv4s;
    delete general_localIPv4Nets;
    delete general_localIPv6s;
    delete general_localIPv6Nets;
    general_localIPv4count = v4Routes.routecount;
    general_localIPv4s = new IPaddr[general_localIPv4count];
    general_localIPv4Nets = new NsisConfiguration_IPv4_Net[general_localIPv4count];
    for (int i = v4Routes.routecount - 1; i >= 0; i--) {
        // idx counts up while i counts down: routes are stored reversed.
        unsigned int idx = v4Routes.routecount - 1 - i;
        memset(&general_localIPv4s[idx], 0, sizeof(IPaddr));
        memset(&general_localIPv4Nets[idx], 0, sizeof(NsisConfiguration_IPv4_Net));
        general_localIPv4s[idx].v4 = INADDR_NONE;
        general_localIPv4Nets[idx].isPrivate = false;
        // Find the first IPv4 address on the route's interface. If none is
        // found the entry keeps net 0 / mask 0 and is still logged below.
        for (unsigned int j = 0; j < interfaceAddrList.addresscount; j++) {
            if (interfaceAddrList.addresses[j].address.version != 4) {
                continue;
            }
            if (strcmp(v4Routes.routes[i].interface, interfaceAddrList.addresses[j].interface) == 0) {
                // Add route
                general_localIPv4s[idx] = interfaceAddrList.addresses[j].address;
                general_localIPv4Nets[idx].net = v4Routes.routes[i].destination.v4;
                // Same low-bit-first mask construction as in
                // parseConfigFileLine(); "1 << k" is undefined for k above 31.
                // NOTE(review): assumes prefix_len <= 32 - confirm at source.
                unsigned char mask = v4Routes.routes[i].prefix_len;
                general_localIPv4Nets[idx].mask = 0;
                for (int k = 0; k < mask; k++) {
                    general_localIPv4Nets[idx].mask = general_localIPv4Nets[idx].mask | (1 << k);
                }
                break;
            }
        }
        // The message is assembled with unbounded sprintf() calls and then
        // passed to DebugLogger::print() as the *format* argument, so any
        // '%' in it would be interpreted as a conversion.
        // NOTE(review): printIP() output presumably never contains '%', but
        // print(4, "%s", buffer) with snprintf() would remove the doubt.
        char buffer[2000];
        sprintf(buffer, "Read Route from IP Routing Table: To:%s", IPaddr::printIP(general_localIPv4Nets[idx].net));
        sprintf(buffer + strlen(buffer), "/%s ", IPaddr::printIP(general_localIPv4Nets[idx].mask));
        sprintf(buffer + strlen(buffer), " with local IP: %s\n", IPaddr::printIP(general_localIPv4s[idx]));
        DebugLogger::print(4, buffer);
    }
    general_localIPv6count = v6Routes.routecount;
    general_localIPv6s = new IPaddr[general_localIPv6count];
    general_localIPv6Nets = new NsisConfiguration_IPv6_Net[general_localIPv6count];
    for (int i = v6Routes.routecount - 1; i >= 0; i--) {
        unsigned int idx = v6Routes.routecount - 1 - i;
        memset(&general_localIPv6s[idx], 0, sizeof(IPaddr));
        memset(&general_localIPv6Nets[idx], 0, sizeof(NsisConfiguration_IPv6_Net));
        general_localIPv6s[idx].v4 = INADDR_NONE;
        for (unsigned int j = 0; j < interfaceAddrList.addresscount; j++) {
            if (interfaceAddrList.addresses[j].address.version != 6) {
                continue;
            }
            if (strcmp(v6Routes.routes[i].interface, interfaceAddrList.addresses[j].interface) == 0) {
                // Add route
                general_localIPv6s[idx] = interfaceAddrList.addresses[j].address;
                memcpy(general_localIPv6Nets[idx].net, v6Routes.routes[i].destination.v6, 16);
                // As in the config parser: a prefix length above 128 would
                // move k to 16 or beyond and write past the 16 cleared bytes.
                // NOTE(review): assumes prefix_len <= 128 - confirm at source.
                unsigned char mask = v6Routes.routes[i].prefix_len;
                unsigned char k = 0;
                memset(general_localIPv6Nets[idx].mask, 0, 16);
                while (mask > 8) {
                    general_localIPv6Nets[idx].mask[k] = 0xff;
                    mask -= 8;
                    k++;
                }
                for (int l = 0; l < mask; l++) {
                    general_localIPv6Nets[idx].mask[k] = general_localIPv6Nets[idx].mask[k] | (1 << l);
                }
                break;
            }
        }
        // Same built-string-as-format pattern as in the IPv4 loop.
        char buffer[2000];
        sprintf(buffer, "Read Route from IPv6 Routing Table: To:%s", IPaddr::printIP(*(in6_addr*)&general_localIPv6Nets[idx].net));
        sprintf(buffer + strlen(buffer), "/%s ", IPaddr::printIP(*(in6_addr*)&general_localIPv6Nets[idx].mask));
        sprintf(buffer + strlen(buffer), " with local IP: %s\n", IPaddr::printIP(general_localIPv6s[idx]));
        DebugLogger::print(4, buffer);
    };
}

// Frees the local address arrays and puts every setting back to its default.
// Called at the start of each readConfigFromFile() attempt.
//
// Defaults worth knowing: routing-table import is ON, explicit and stateless
// GIST messages are accepted, TLS/SCTP offers are off, the certificate
// directory is the relative path "./certs", SCTP tuning values are -1.
//
// Not handled here: natfw_reservableIPv4s is set to NULL without being
// freed (an array from a previous file is leaked), and natfw_simulation is
// not reset at all.
void NsisConfiguration::resetValues() {
    // Arrays come from new[]; plain `delete` is a mismatch (should be
    // `delete[]`).
    delete general_localIPv6s;
    general_localIPv6s = NULL;
    delete general_localIPv6Nets;
    general_localIPv6Nets = NULL;
    general_localIPv6count = 0;
    delete general_localIPv4s;
    general_localIPv4s = NULL;
    delete general_localIPv4Nets;
    general_localIPv4Nets = NULL;
    general_localIPv4count = 0;
    general_interfaces.clear();
    startup_startPing = false;
    startup_startQos = false;
    startup_startNatFw = false;
    startup_startDiag = false;
    general_shortPath = false;
    general_acceptExplicitMessages = true;
    general_acceptStatelessGistMessage = true;
    general_useEmbeddedPingDaemon = false;
    general_readRoutingTable = true;
    gist_timeout_refreshinterval = 30000;
    gist_timeout_queryingnodestateexpiration = 100000;
    gist_timeout_respondingnodestateexpiration = 100000;
    gist_timeout_waitforinitialresponse = 10000;
    gist_timout_waitforconfirm = 10000;
    // Relative to the working directory the daemon is started from.
    tls_certdir = "./certs";
    natfw_isNat = false;
    natfw_isFW = false;
    natfw_externalAddress = -1;     // -1 = no external address chosen
    natfw_reservableIPv4count = 0;
    natfw_reservableIPv4s = NULL;
    natfw_reservablePortsStart = 0;
    natfw_reservablePortsEnd = 0;
    sctp_initRTO = -1;
    sctp_minRTO = -1;
    sctp_maxRTO = -1;
    sctp_maxRetransmissionCounter = -1;
    sctp_heartbeatInterval = -1;
    gist_offerTLS = false;
    gist_offerSCTP = false;
    gist_useSCTP = false;
    QosConfiguration::resetValues();
}

// Definitions of the static configuration members. They have static storage
// duration and are given their working defaults by resetValues().

// Local addresses and the networks they belong to.
IPaddr * NsisConfiguration::general_localIPv6s;
NsisConfiguration_IPv6_Net * NsisConfiguration::general_localIPv6Nets;
int NsisConfiguration::general_localIPv6count;
IPaddr * NsisConfiguration::general_localIPv4s;
NsisConfiguration_IPv4_Net * NsisConfiguration::general_localIPv4Nets;
int NsisConfiguration::general_localIPv4count;
// NOTE(review): template argument of std::vector missing on this page.
std::vector NsisConfiguration::general_interfaces;

// Which NSLPs to start together with GIST.
bool NsisConfiguration::startup_startPing;
bool NsisConfiguration::startup_startQos;
bool NsisConfiguration::startup_startNatFw;
bool NsisConfiguration::startup_startDiag;

// General behaviour switches.
bool NsisConfiguration::general_shortPath;
bool NsisConfiguration::general_acceptExplicitMessages;
bool NsisConfiguration::general_acceptStatelessGistMessage;
bool NsisConfiguration::general_useEmbeddedPingDaemon;
bool NsisConfiguration::general_readRoutingTable;

// GIST timers.
int NsisConfiguration::gist_timeout_refreshinterval;
int NsisConfiguration::gist_timeout_queryingnodestateexpiration;
int NsisConfiguration::gist_timeout_respondingnodestateexpiration;
int NsisConfiguration::gist_timeout_waitforinitialresponse;
int NsisConfiguration::gist_timout_waitforconfirm;

// Points either at the "./certs" literal or at an argv string.
char * NsisConfiguration::tls_certdir;

// NAT/firewall NSLP settings.
bool NsisConfiguration::natfw_isNat;
bool NsisConfiguration::natfw_isFW;
int NsisConfiguration::natfw_externalAddress;
bool NsisConfiguration::natfw_simulation;
int NsisConfiguration::natfw_reservableIPv4count;
IPaddr * NsisConfiguration::natfw_reservableIPv4s;
// Signed 16-bit: port numbers above 32767 do not fit.
short NsisConfiguration::natfw_reservablePortsStart;
short NsisConfiguration::natfw_reservablePortsEnd;

// SCTP tuning (-1 = not set).
int NsisConfiguration::sctp_initRTO;
int NsisConfiguration::sctp_minRTO;
int NsisConfiguration::sctp_maxRTO;
int NsisConfiguration::sctp_maxRetransmissionCounter;
int NsisConfiguration::sctp_heartbeatInterval;

// Transport selection.
bool NsisConfiguration::gist_useSCTP;
bool NsisConfiguration::gist_offerTLS;
bool NsisConfiguration::gist_offerSCTP;