Mercurial > hg > quicktun
changeset 32:51c6d2fc712f V2.1.8
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
author | Ivo Smits <Ivo@UCIS.nl> |
---|---|
date | Wed, 12 Oct 2011 01:34:46 +0200 |
parents | a51d07ac3f1b |
children | 422f3582bd38 |
files | debian/static/DEBIAN/control debian/static/etc/network/if-post-down.d/quicktun debian/static/etc/network/if-pre-up.d/quicktun src/common.c src/proto.nacltai.c version |
diffstat | 6 files changed, 22 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/debian/static/DEBIAN/control Wed Oct 12 01:11:48 2011 +0200 +++ b/debian/static/DEBIAN/control Wed Oct 12 01:34:46 2011 +0200 @@ -3,6 +3,6 @@ Section: net Priority: optional Architecture: %ARCHITECTURE% -Depends: bash, daemon, iproute2 (>= 20100519-3) | openvpn, passwd, coreutils +Depends: bash, daemon, iproute (>= 20100519-3) | iproute2 (>= 20100519-3) | openvpn, passwd, coreutils Maintainer: Ivo Smits <ivo@ucis.nl> Description: Very simple, yet secure VPN software
--- a/debian/static/etc/network/if-post-down.d/quicktun Wed Oct 12 01:11:48 2011 +0200 +++ b/debian/static/etc/network/if-post-down.d/quicktun Wed Oct 12 01:34:46 2011 +0200 @@ -3,6 +3,8 @@ test -z "${IF_QT_NO_PRECREATE}" || exit 0 if [ -x /usr/sbin/openvpn ]; then /usr/sbin/openvpn --rmtun --dev "${IFACE}" -elif [ -x /sbin/ip ]; then +elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then /sbin/ip tuntap del dev "${IFACE}" +elif [ -x /usr/sbin/tunctl ]; then + /usr/sbin/tunctl -d "${IFACE}" fi
--- a/debian/static/etc/network/if-pre-up.d/quicktun Wed Oct 12 01:11:48 2011 +0200 +++ b/debian/static/etc/network/if-pre-up.d/quicktun Wed Oct 12 01:34:46 2011 +0200 @@ -1,15 +1,17 @@ #!/bin/sh test -n "${IF_QT_REMOTE_ADDRESS}" || exit 0 test -z "${IF_QT_NO_PRECREATE}" || exit 0 -if [ -n "${IF_QT_TUN_MODE}" ]; then +if [ -n "${IF_QT_TUN_MODE}" ] && [ "${IF_QT_TUN_MODE}" = "1" ]; then DEVTYPE="tun" else DEVTYPE="tap" fi if [ -x /usr/sbin/openvpn ]; then /usr/sbin/openvpn --mktun --dev "${IFACE}" --dev-type "${DEVTYPE}" --user quicktun -elif [ -x /sbin/ip ]; then +elif [ -x /sbin/ip ] && /sbin/ip tuntap 2>&1 >/dev/null; then /sbin/ip tuntap add dev "${IFACE}" mode "${DEVTYPE}" user quicktun +elif [ -x /usr/sbin/tunctl ]; then + /usr/sbin/tunctl -u quicktun -t "${IFACE}" else - echo "Unable to pre-create tun/tap interface. Run QuickTun as root." + echo "Unable to pre-create tun/tap interface. Run QuickTun as root by setting QT_NO_PRECREATE." fi
--- a/src/common.c Wed Oct 12 01:11:48 2011 +0200 +++ b/src/common.c Wed Oct 12 01:34:46 2011 +0200 @@ -146,16 +146,21 @@ char* envval; fprintf(stderr, "Initializing tun/tap device...\n"); int ttfd; //Tap device file descriptor -#ifdef linux +#if defined linux struct ifreq ifr; //required for tun/tap setup memset(&ifr, 0, sizeof(ifr)); if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file"); if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval); - ifr.ifr_flags = getconf("TUN_MODE") ? IFF_TUN : IFF_TAP; - ifr.ifr_flags |= getconf("USE_PI") ? 0 : IFF_NO_PI; + if ((envval = getconf("TUN_MODE")) && atoi(envval)) { + ifr.ifr_flags = IFF_TUN; + } else { + ifr.ifr_flags = IFF_TAP; + } + if (!(envval = getconf("USE_PI")) || !atoi(envval)) { + ifr.ifr_flags |= IFF_NO_PI; + } if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed"); -#else -#ifdef SOLARIS +#elif defined SOLARIS int ip_fd = -1, if_fd = -1, ppa = 0; if ((ttfd = open("/dev/tun", O_RDWR)) < 0) return errorexitp("Could not open tun device file"); if ((ip_fd = open("/dev/ip", O_RDWR, 0)) < 0) return errorexitp("Could not open /dev/ip"); @@ -172,7 +177,6 @@ if (!(envval = getconf("INTERFACE"))) envval = "/dev/tun0"; if ((ttfd = open(envval, O_RDWR)) < 0) return errorexitp("Could not open tun device file"); #endif -#endif return ttfd; }
--- a/src/proto.nacltai.c Wed Oct 12 01:11:48 2011 +0200 +++ b/src/proto.nacltai.c Wed Oct 12 01:34:46 2011 +0200 @@ -174,13 +174,13 @@ crypto_scalarmult_curve25519_base(cownpublickey, csecretkey); - if (envval = getenv("TIME_WINDOW")) { + if (envval = getconf("TIME_WINDOW")) { taia_now(&d->cdtaip); d->cdtaip.sec.x -= atol(envval); } else { fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n"); } - if (envval = getenv("ROLE")) { + if (envval = getconf("ROLE")) { d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0; } else { d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) > 0 ? 1 : 0;