changeset 32:51c6d2fc712f V2.1.8

Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
author Ivo Smits <Ivo@UCIS.nl>
date Wed, 12 Oct 2011 01:34:46 +0200
parents a51d07ac3f1b
children 422f3582bd38
files debian/static/DEBIAN/control debian/static/etc/network/if-post-down.d/quicktun debian/static/etc/network/if-pre-up.d/quicktun src/common.c src/proto.nacltai.c version
diffstat 6 files changed, 22 insertions(+), 14 deletions(-) [+]
--- a/debian/static/DEBIAN/control	Wed Oct 12 01:11:48 2011 +0200
+++ b/debian/static/DEBIAN/control	Wed Oct 12 01:34:46 2011 +0200
@@ -3,6 +3,6 @@
 Section: net
 Priority: optional
 Architecture: %ARCHITECTURE%
-Depends: bash, daemon, iproute2 (>= 20100519-3) | openvpn, passwd, coreutils
+Depends: bash, daemon, iproute (>= 20100519-3) | iproute2 (>= 20100519-3) | openvpn, passwd, coreutils
 Maintainer: Ivo Smits <ivo@ucis.nl>
 Description: Very simple, yet secure VPN software
--- a/debian/static/etc/network/if-post-down.d/quicktun	Wed Oct 12 01:11:48 2011 +0200
+++ b/debian/static/etc/network/if-post-down.d/quicktun	Wed Oct 12 01:34:46 2011 +0200
@@ -3,6 +3,8 @@
 test -z "${IF_QT_NO_PRECREATE}" || exit 0
 if [ -x /usr/sbin/openvpn ]; then
 	/usr/sbin/openvpn --rmtun --dev "${IFACE}"
-elif [ -x /sbin/ip ]; then
+elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then
 	/sbin/ip tuntap del dev "${IFACE}"
+elif [ -x /usr/sbin/tunctl ]; then
+	/usr/sbin/tunctl -d "${IFACE}"
 fi
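Review bot: The probe `/sbin/ip tuntap 2>&1 >/dev/null` on the new `elif` line does not silence stderr, because `2>&1` is applied before stdout is redirected, so error text still lands on the caller's stdout. On an `ip` build without tuntap support this prints an error on every ifdown before falling through to the tunctl branch. Swap the order: `elif [ -x /sbin/ip ] && /sbin/ip tuntap >/dev/null 2>&1; then`. The same redirect appears on the matching `elif` line in if-pre-up.d/quicktun.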
--- a/debian/static/etc/network/if-pre-up.d/quicktun	Wed Oct 12 01:11:48 2011 +0200
+++ b/debian/static/etc/network/if-pre-up.d/quicktun	Wed Oct 12 01:34:46 2011 +0200
@@ -1,15 +1,17 @@
 #!/bin/sh
 test -n "${IF_QT_REMOTE_ADDRESS}" || exit 0
 test -z "${IF_QT_NO_PRECREATE}" || exit 0
-if [ -n "${IF_QT_TUN_MODE}" ]; then
+if [ -n "${IF_QT_TUN_MODE}" ] && [ "${IF_QT_TUN_MODE}" = "1" ]; then
 	DEVTYPE="tun"
 else
 	DEVTYPE="tap"
 fi
 if [ -x /usr/sbin/openvpn ]; then
 	/usr/sbin/openvpn --mktun --dev "${IFACE}" --dev-type "${DEVTYPE}" --user quicktun
-elif [ -x /sbin/ip ]; then
+elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then
 	/sbin/ip tuntap add dev "${IFACE}" mode "${DEVTYPE}" user quicktun
+elif [ -x /usr/sbin/tunctl ]; then
+	/usr/sbin/tunctl -u quicktun -t "${IFACE}"
 else
-	echo "Unable to pre-create tun/tap interface. Run QuickTun as root."
+	echo "Unable to pre-create tun/tap interface. Run QuickTun as root by setting QT_NO_PRECREATE."
 fi
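Review bot: The new tunctl fallback `/usr/sbin/tunctl -u quicktun -t "${IFACE}"` never uses `${DEVTYPE}`, unlike the openvpn and ip branches above it. As far as I know tunctl creates a tap device by default, so a tun-mode interface would be pre-created as the wrong type and the daemon's later TUNSETIFF on that name would likely fail. Where the installed tunctl supports it, pass the type explicitly, e.g. `[ "${DEVTYPE}" = "tun" ] && TUNCTL_MODE="-n" || TUNCTL_MODE="-p"` ahead of the call; otherwise skip this branch when `DEVTYPE` is `tun`. Separately, this script only treats the exact string `1` as tun mode while src/common.c in the same changeset accepts any value for which `atoi()` is non-zero, so the two should agree on one rule.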
--- a/src/common.c	Wed Oct 12 01:11:48 2011 +0200
+++ b/src/common.c	Wed Oct 12 01:34:46 2011 +0200
@@ -146,16 +146,21 @@
 	char* envval;
 	fprintf(stderr, "Initializing tun/tap device...\n");
 	int ttfd; //Tap device file descriptor
-#ifdef linux
+#if defined linux
 	struct ifreq ifr; //required for tun/tap setup
 	memset(&ifr, 0, sizeof(ifr));
 	if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file");
 	if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval);
-	ifr.ifr_flags = getconf("TUN_MODE") ? IFF_TUN : IFF_TAP;
-	ifr.ifr_flags |= getconf("USE_PI") ? 0 : IFF_NO_PI;
+	if ((envval = getconf("TUN_MODE")) && atoi(envval)) {
+		ifr.ifr_flags = IFF_TUN;
+	} else {
+		ifr.ifr_flags = IFF_TAP;
+	}
+	if (!(envval = getconf("USE_PI")) || !atoi(envval)) {
+		ifr.ifr_flags |= IFF_NO_PI;
+	}
 	if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed");
-#else
-#ifdef SOLARIS
+#elif defined SOLARIS
 	int ip_fd = -1, if_fd = -1, ppa = 0;
 	if ((ttfd = open("/dev/tun", O_RDWR)) < 0) return errorexitp("Could not open tun device file");
 	if ((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) return errorexitp("Could not open /dev/ip");
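Review bot: The unchanged context line `if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval);` copies a configuration value into the fixed-size `ifr.ifr_name` field without a length check, so an over-long INTERFACE setting overruns the `struct ifreq` on the stack. Since this hunk already reworks how the neighbouring settings are parsed, it would be a good place to bound the copy by rejecting the value first, e.g. `if (strlen(envval) >= sizeof(ifr.ifr_name)) return errorexitp("INTERFACE name too long");`. Rejecting is preferable to truncating, which would silently open a differently named device. The new `atoi(envval)` tests also change behaviour for non-numeric values such as `TUN_MODE=yes`, which previously enabled tun mode and now select tap; that deserves a line in the release notes. The enclosing function starts before this hunk.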
@@ -172,7 +177,6 @@
 	if (!(envval = getconf("INTERFACE"))) envval = "/dev/tun0";
 	if ((ttfd = open(envval, O_RDWR)) < 0) return errorexitp("Could not open tun device file");
 #endif
-#endif
 	return ttfd;
 }
 
--- a/src/proto.nacltai.c	Wed Oct 12 01:11:48 2011 +0200
+++ b/src/proto.nacltai.c	Wed Oct 12 01:34:46 2011 +0200
@@ -174,13 +174,13 @@
 
 	crypto_scalarmult_curve25519_base(cownpublickey, csecretkey);
 
-	if (envval = getenv("TIME_WINDOW")) {
+	if (envval = getconf("TIME_WINDOW")) {
 		taia_now(&d->cdtaip);
 		d->cdtaip.sec.x -= atol(envval);
 	} else {
 		fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n");
 	}
-	if (envval = getenv("ROLE")) {
+	if (envval = getconf("ROLE")) {
 		d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0;
 	} else {
 		d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) > 0 ? 1 : 0;
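Review bot: The values now read through `getconf("TIME_WINDOW")` and `getconf("ROLE")` are still parsed with `atol()`/`atoi()`, which cannot tell a malformed value from a legitimate 0. A mistyped ROLE silently becomes role 0; the role bit looks like what keeps the two peers' nonces distinct, so two peers ending up with the same role is worth failing on rather than accepting. A negative or very large TIME_WINDOW is likewise applied unchecked to `d->cdtaip.sec.x`, and the replay warning is suppressed whenever the variable is set at all. Consider `strtol(envval, &end, 10)` and refusing to start when `end == envval || *end != '\0'` or the value is out of range, with ROLE restricted to 0 or 1. The enclosing function begins and ends outside this hunk.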
--- a/version	Wed Oct 12 01:11:48 2011 +0200
+++ b/version	Wed Oct 12 01:34:46 2011 +0200
@@ -1,1 +1,1 @@
-2.1.7
+2.1.8