diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_aix.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_aix.c
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_aix.c 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_aix.c 2006-07-23 16:55:14.000000000 +0200
@@ -0,0 +1,90 @@
+/**********************************************************
+ SixXS - Automatic IPv6 Connectivity Configuration Utility
+***********************************************************
+ Copyright 2003-2005 SixXS - http://www.sixxs.net
+***********************************************************
+ common/aiccu_aix.c - AIX
+
+ ipv6_interface has to be eg cti0
+***********************************************************
+ $Author: jeroen $
+ $Id: aiccu_aix.c,v 1.3 2006-07-23 14:13:57 jeroen Exp $
+ $Date: 2006-07-23 14:13:57 $
+**********************************************************/
+
+#include "aiccu.h"
+
+bool aiccu_os_install()
+{
+ /* Define the CTI (Configured Tunnel Interface) by executing the deftunnel configuration method */
+ return aiccu_exec("/usr/lib/methods/deftunnel -c if -s CTI -t cti");
+}
+
+bool aiccu_os_setup(struct TIC_Tunnel *hTunnel)
+{
+ if (hTunnel->uses_tundev == 0)
+ {
+ /* Build a normal SIT tunnel */
+ aiccu_exec(
+ "/usr/sbin/ifconfig %s inet6 ::%s/128 ::%s",
+ g_aiccu->ipv6_interface,
+ strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? "0.0.0.0" : hTunnel->sIPv4_Local,
+ hTunnel->sIPv4_POP);
+
+ /* Remove the local endpoint, the remote stays though :) */
+ aiccu_exec(
+ "/usr/sbin/ifconfig %s inet6 ::%s delete",
+ g_aiccu->ipv6_interface,
+ strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? "0.0.0.0" : hTunnel->sIPv4_Local);
+
+ /* Add the addresses */
+ aiccu_exec(
+ "ifconfig %s inet6 %s %s",
+ g_aiccu->ipv6_interface,
+ hTunnel->sIPv6_Local,
+ hTunnel->sIPv6_POP);
+ }
+ else
+ {
+ dolog(LOG_DEBUG, "There is no AIX support for tun-devices yet");
+ exit(-1);
+ }
+
+ if (g_aiccu->defaultroute)
+ {
+ aiccu_exec(
+ "route add -inet6 %s %s",
+ "default",
+ hTunnel->sIPv6_POP);
+ }
+
+ return true;
+}
+
+void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel)
+{
+ if (hTunnel->uses_tundev == 0)
+ {
+ /* Build a normal SIT tunnel */
+ aiccu_exec(
+ "/usr/sbin/ifconfig %s inet6 ::%s/128 ::%s",
+ g_aiccu->ipv6_interface,
+ strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? "0.0.0.0" : hTunnel->sIPv4_Local,
+ hTunnel->sIPv4_POP);
+
+ /* Remove the local endpoint, the remote stays */
+ aiccu_exec(
+ "/usr/sbin/ifconfig %s inet6 ::%s delete",
+ g_aiccu->ipv6_interface,
+ strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? "0.0.0.0" : hTunnel->sIPv4_Local);
+ }
+}
+
+void aiccu_os_delete(struct TIC_Tunnel *hTunnel)
+{
+ hTunnel = hTunnel;
+ aiccu_exec(
+ "ifconfig %s down",
+ g_aiccu->ipv6_interface);
+}
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu.c
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu.c 2005-01-11 13:16:09.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu.c 2007-01-15 13:02:10.000000000 +0100
@@ -6,8 +6,8 @@ common/aiccu.c - AICCU Abstracted functions *********************************************************** $Author: jeroen $ - $Id: aiccu.c,v 1.4 2005/01/11 12:16:09 jeroen Exp $ - $Date: 2005/01/11 12:16:09 $ + $Id: aiccu.c,v 1.20 2007-01-15 12:02:10 jeroen Exp $ + $Date: 2007-01-15 12:02:10 $ **********************************************************/ #include "aiccu.h"
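Review bot: In the new aiccu_aix.c, aiccu_os_setup() runs its first two commands as `/usr/sbin/ifconfig`, but the third (`"ifconfig %s inet6 %s %s"`), the `route add -inet6` call and the `ifconfig %s down` in aiccu_os_delete() are resolved through PATH; for a daemon that configures interfaces (presumably as root) the binary then depends on the inherited environment, so spell the absolute path everywhere, e.g. `"/usr/sbin/ifconfig %s inet6 %s %s"`. The same mix of absolute and bare command names appears in the aiccu_darwin.c, aiccu_freebsd4.c, aiccu_kame.c, aiccu_openbsd.c and aiccu_openbsd2.c hunks, and the `modprobe` and `ip` calls in aiccu_linux.c are bare as well. Separately, every aiccu_exec() result in aiccu_os_setup() is dropped and the function ends in `return true;`, so a failed ifconfig still reports a configured tunnel. The tun-device branch calls `exit(-1)` after logging only at LOG_DEBUG; `dolog(LOG_ERR, ...)` followed by `return false;` would let the caller clean up.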
@@ -20,9 +20,14 @@ /* Configuration */ {"username", PLRT_STRING, offsetof(struct AICCU_conf, username)}, {"password", PLRT_STRING, offsetof(struct AICCU_conf, password)}, - {"ipv4_interface", PLRT_STRING, offsetof(struct AICCU_conf, ipv4_interface)}, + {"protocol", PLRT_STRING, offsetof(struct AICCU_conf, protocol)}, + {"server", PLRT_STRING, offsetof(struct AICCU_conf, server)}, {"ipv6_interface", PLRT_STRING, offsetof(struct AICCU_conf, ipv6_interface)}, {"tunnel_id", PLRT_STRING, offsetof(struct AICCU_conf, tunnel_id)}, + {"local_ipv4_override", PLRT_STRING, offsetof(struct AICCU_conf, local_ipv4_override)}, + + /* Post Setup script path */ + {"setupscript", PLRT_STRING, offsetof(struct AICCU_conf, setupscript)}, /* Automatic */ {"automatic", PLRT_BOOL, offsetof(struct AICCU_conf, automatic)}, @@ -30,11 +35,29 @@ /* Operational options */ {"daemonize", PLRT_BOOL, offsetof(struct AICCU_conf, daemonize)}, {"verbose", PLRT_BOOL, offsetof(struct AICCU_conf, verbose)}, + {"behindnat", PLRT_BOOL, offsetof(struct AICCU_conf, behindnat)}, + {"requiretls", PLRT_BOOL, offsetof(struct AICCU_conf, requiretls)}, + {"noconfigure", PLRT_BOOL, offsetof(struct AICCU_conf, noconfigure)}, + {"makebeats", PLRT_BOOL, offsetof(struct AICCU_conf, makebeats)}, + {"defaultroute", PLRT_BOOL, offsetof(struct AICCU_conf, defaultroute)}, + {"pidfile", PLRT_STRING, offsetof(struct AICCU_conf, pidfile)}, {NULL, PLRT_END, 0}, }; +#ifdef AICCU_GNUTLS +void aiccu_tls_log(int level, const char *message); +void aiccu_tls_log(int level, const char *message) +{ + dolog(level, "[GNUTLS] %s\n", message); +} +#endif + bool aiccu_InitConfig() { +#ifdef AICCU_GNUTLS + int ret; +#define CAFILE "ca.pem" +#endif /* Allocate & Initialize */ g_aiccu = (struct AICCU_conf *)malloc(sizeof(*g_aiccu)); if (!g_aiccu) return false; 
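Review bot: aiccu_tls_log() forwards the GnuTLS debug level straight to `dolog()` as if it were a syslog priority, while every other call in this file passes a `LOG_*` constant. With `gnutls_global_set_log_level(5)` in the DEBUG build (next hunk), library trace messages would presumably be filed under priorities 0 to 5, which on the usual syslog numbering runs from emergency to notice. Log them at a fixed priority and keep the level in the text: `dolog(LOG_DEBUG, "[GNUTLS] <%d> %s\n", level, message);`. `CAFILE` is defined as the bare name `"ca.pem"`, so once it is used it will be looked up relative to the working directory; an absolute, root-owned location is the safer default. aiccu_InitConfig()'s body continues outside the hunk.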
@@ -43,20 +66,96 @@ memset(g_aiccu->tic, 0, sizeof(*g_aiccu->tic)); /* Initialize config to defaults */ - g_aiccu->daemonize = -1; + g_aiccu->running = true; + g_aiccu->tunrunning = false; + g_aiccu->daemonize = 0; g_aiccu->verbose = false; + g_aiccu->requiretls = false; /* Not mandatory yet */ + g_aiccu->noconfigure = false; + g_aiccu->makebeats = true; + g_aiccu->defaultroute = true; g_aiccu->ipv6_interface = strdup("aiccu"); + if (!g_aiccu->ipv6_interface) return false; + g_aiccu->protocol = strdup("tic"); + if (!g_aiccu->protocol) return false; + g_aiccu->server = strdup("tic.sixxs.net"); + if (!g_aiccu->server) return false; + g_aiccu->pidfile = strdup(AICCU_PID); + if (!g_aiccu->pidfile) return false; + +#ifdef AICCU_GNUTLS + /* Initialize GNUTLS */ + ret = gnutls_global_init(); + if (ret != 0) + { + dolog(LOG_ERR, "GNUTLS failed to initialize: %s (%d)\n", gnutls_strerror(ret), ret); + return false; + } + + /* X509 credentials */ + ret = gnutls_certificate_allocate_credentials(&g_aiccu->tls_cred); + if (ret != 0) + { + dolog(LOG_ERR, "GNUTLS failed to initialize: %s (%d)\n", gnutls_strerror(ret), ret); + return false; + } + + /* For the time being don't load the PEM as it is not there... 
*/ + +#if 0 + /* Sets the trusted cas file */ + ret = gnutls_certificate_set_x509_trust_file(g_aiccu->tls_cred, CAFILE, GNUTLS_X509_FMT_PEM); + if (ret < 0) + { + dolog(LOG_ERR, "GNUTLS failed to initialize: %s (%d)\n", gnutls_strerror(ret), ret); + return false; + } +#endif + + /* Configure GNUTLS logging to happen using our own logging interface */ + gnutls_global_set_log_function(aiccu_tls_log); + +#ifdef DEBUG + /* Show some GNUTLS debugging information */ + gnutls_global_set_log_level(5); +#endif + +#endif /* AICCU_GNUTLS */ return true; } +/* Locate where the configfile is stored */ +void aiccu_LocateFile(const char *what, char *filename, unsigned int length); +void aiccu_LocateFile(const char *what, char *filename, unsigned int length) +{ + memset(filename, 0, length); +#ifdef _WIN32 + /* Figure out the "C:\Windows" location */ + /* as that is where we store our configuration */ + GetWindowsDirectory(filename, length); + strncat(filename, "\\", length); + strncat(filename, what, length); +#else + /* Use the default location */ + strncat(filename, what, length); +#endif +} + /* configure this client */ bool aiccu_LoadConfig(const char *filename) { FILE *f; char buf[1000]; + char filenames[256]; unsigned int line = 0; + if (!filename) + { + aiccu_LocateFile(AICCU_CONFIG, filenames, sizeof(filenames)); + filename = filenames; + } + f = fopen(filename, "r"); if (!f) { 
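Review bot: The call to `gnutls_certificate_set_x509_trust_file()` is compiled out with `#if 0`, so `g_aiccu->tls_cred` carries no CA and a session built on these credentials cannot authenticate the server; with `requiretls` also defaulting to false, the login credentials from the config are presumably not protected against an on-path party, and that limitation deserves a comment here and a logged warning until the PEM ships. In aiccu_LocateFile() the third argument of `strncat()` is the maximum number of characters to append, not the size of the destination, so `strncat(filename, what, length)` can write past `filename`; use `strncat(filename, what, length - strlen(filename) - 1);` and the same bound for the `"\\"` append. The early `return false` after each failed `strdup()` leaves the members already allocated for the caller to release, which only works if the caller then calls aiccu_FreeConfig(). aiccu_LoadConfig() starts in this hunk and its body continues outside it.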
@@ -69,46 +168,79 @@ line++; if (parseline(buf, " ", aiccu_conf_rules, g_aiccu)) continue; - dolog(LOG_WARNING, "Unknown configuration statement on line %d: \"%s\"\n", line, buf); + dolog(LOG_WARNING, "Unknown configuration statement on line %u of %s: \"%s\"\n", line, filename, buf); } fclose(f); + return true; } /* Save the configuration */ bool aiccu_SaveConfig(const char *filename) { - FILE *f = fopen(filename, "w"); + FILE *f; + char filenames[512]; + + if (!filename) + { + aiccu_LocateFile(AICCU_CONFIG, filenames, sizeof(filenames)); + filename = filenames; + } + + f = fopen(filename, "w"); if (!f) { dolog(LOG_ERR, "Could not open config file \"%s\" for writing\n", filename); return false; } - fprintf(f, "# AICCU Configuration (Automatically stored by aiccu %s)\n", AICCU_VER); + fprintf(f, "# AICCU Configuration (Saved by AICCU %s)\n", AICCU_VER); fprintf(f, "\n"); fprintf(f, "# Login information\n"); fprintf(f, "username %s\n", g_aiccu->username); fprintf(f, "password %s\n", g_aiccu->password); + fprintf(f, "protocol %s\n", g_aiccu->protocol); + fprintf(f, "server %s\n", g_aiccu->server); fprintf(f, "\n"); fprintf(f, "# Interface names to use\n"); - fprintf(f, "ipv4_interface %s\n", g_aiccu->ipv4_interface); fprintf(f, "ipv6_interface %s\n", g_aiccu->ipv6_interface); fprintf(f, "\n"); fprintf(f, "# The tunnel_id to use\n"); fprintf(f, "# (only required when there are multiple tunnels in the list)\n"); fprintf(f, "tunnel_id %s\n", g_aiccu->tunnel_id); fprintf(f, "\n"); + fprintf(f, "# Try to automatically login and setup the tunnel?\n"); fprintf(f, "automatic %s\n", g_aiccu->automatic ? "true" : "false"); fprintf(f, "\n"); + fprintf(f, "# Script to run after setting up the interfaces (default: none)\n"); + fprintf(f, "%ssetupscript %s\n", g_aiccu->setupscript ? "" : "#", g_aiccu->setupscript ? g_aiccu->setupscript : ""); + fprintf(f, "\n"); + fprintf(f, "# TLS Required?\n"); + fprintf(f, "requiretls %s\n", g_aiccu->requiretls ? 
"true" : "false"); + fprintf(f, "\n"); fprintf(f, "# Be verbose?\n"); fprintf(f, "verbose %s\n", g_aiccu->verbose ? "true" : "false"); fprintf(f, "\n"); fprintf(f, "# Daemonize?\n"); fprintf(f, "daemonize %s\n", g_aiccu->daemonize ? "true" : "false"); fprintf(f, "\n"); - fprintf(f, "# Behind a NAT?\n"); + fprintf(f, "# Behind NAT (default: false)\n"); + fprintf(f, "# Notify the user that a NAT-kind network is detected\n"); fprintf(f, "behindnat %s\n", g_aiccu->behindnat ? "true" : "false"); + fprintf(f, "\n"); + fprintf(f, "# PID File\n"); + fprintf(f, "pidfile %s\n", g_aiccu->pidfile); + fprintf(f, "\n"); + fprintf(f, "# Make heartbeats (default true)\n"); + fprintf(f, "# In general you don't want to turn this off\n"); + fprintf(f, "# Of course only applies to AYIYA and heartbeat tunnels not to static ones\n"); + fprintf(f, "makebeats %s\n", g_aiccu->makebeats ? "true" : "false"); + fprintf(f, "\n"); + fprintf(f, "# Add a default route (default: true)\n"); + fprintf(f, "defaultroute %s\n", g_aiccu->defaultroute ? "true" : "false"); + fprintf(f, "\n"); + fprintf(f, "# Don't configure anything (default: false)\n"); + fprintf(f, "noconfigure %s\n", g_aiccu->noconfigure ? "true" : "false"); fclose(f); return true; } 
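Review bot: aiccu_SaveConfig() writes `password %s` into a file created with `fopen(filename, "w")`, so the file mode is whatever the process umask leaves, which is often world-readable; on the non-Windows builds create it owner-only, e.g. `fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);` then `f = fdopen(fd, "w");`, plus `fchmod(fd, 0600)` for a file that already exists. Only `setupscript` is guarded against NULL; `username`, `password` and `tunnel_id` go to `%s` unchecked and no default for them is visible in aiccu_InitConfig(), so an unset value is undefined behaviour or ends up as a literal `(null)` that the next load reads back. The results of `fprintf()` and `fclose()` are ignored, so a short write still returns true. `filenames` is 512 bytes here and 256 in aiccu_LoadConfig(); one shared constant would keep them in step.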
@@ -116,81 +248,124 @@ void aiccu_FreeConfig() { if (!g_aiccu) return; - if (g_aiccu->username) free(g_aiccu->username); - g_aiccu->username = NULL; - if (g_aiccu->password) free(g_aiccu->password); - g_aiccu->password = NULL; - if (g_aiccu->ipv4_interface) free(g_aiccu->ipv4_interface); - g_aiccu->ipv4_interface = NULL; - if (g_aiccu->ipv6_interface) free(g_aiccu->ipv6_interface); - g_aiccu->ipv6_interface = NULL; - if (g_aiccu->tunnel_id) free(g_aiccu->tunnel_id); - g_aiccu->tunnel_id = NULL; - if (g_aiccu->tic) free(g_aiccu->tic); - g_aiccu->tic = NULL; + +#ifdef AICCU_GNUTLS + gnutls_certificate_free_credentials(g_aiccu->tls_cred); + gnutls_global_deinit(); +#endif + + if (g_aiccu->username) { free(g_aiccu->username); g_aiccu->username = NULL; } + if (g_aiccu->password) { free(g_aiccu->password); g_aiccu->password = NULL; } + if (g_aiccu->ipv6_interface) { free(g_aiccu->ipv6_interface);g_aiccu->ipv6_interface = NULL; } + if (g_aiccu->tunnel_id) { free(g_aiccu->tunnel_id); g_aiccu->tunnel_id = NULL; } + if (g_aiccu->tic) { free(g_aiccu->tic); g_aiccu->tic = NULL; } + if (g_aiccu->setupscript) { free(g_aiccu->setupscript); g_aiccu->setupscript = NULL; } + if (g_aiccu->pidfile) { free(g_aiccu->pidfile); g_aiccu->pidfile = NULL; } + free(g_aiccu); g_aiccu = NULL; } -/* OS Interfaces - quick and easy */ -void aiccu_os_install(); -void aiccu_os_setup(struct TIC_Tunnel *hTunnel); -void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel); -void aiccu_os_delete(struct TIC_Tunnel *hTunnel); -void aiccu_os_test(struct TIC_Tunnel *hTunnel, bool automatic); - /* Make sure the OS understands IPv6 */ -void aiccu_install() +void aiccu_install(void) { D(dolog(LOG_DEBUG, "aiccu_install()\n");) aiccu_os_install(); } -void aiccu_setup(struct TIC_Tunnel *hTunnel, bool firstrun) +bool aiccu_setup(struct TIC_Tunnel *hTunnel, bool firstrun) { + bool ret = false; + D(dolog(LOG_DEBUG, "aiccu_setup(%s, %s)\n", hTunnel->sIPv6_Local, firstrun ? 
"first" : "other");) /* AYIYA calls aiccu_setup(hTunnel,false) after preparing the tunnel interface */ if (firstrun && strcasecmp(hTunnel->sType, "ayiya") == 0) { - ayiya(hTunnel); + ret = ayiya(hTunnel); } - else aiccu_os_setup(hTunnel); +#ifdef NEWSTUFF_TEEPEE + else if (firstrun && strcasecmp(hTunnel->sType, "l2tp") == 0) + { + ret = teepee(hTunnel); + } +#endif + else + { + ret = aiccu_os_setup(hTunnel); + } + + /* Beat for the first time */ + if (ret) aiccu_beat(hTunnel); + + return ret; +} + +void aiccu_beat(struct TIC_Tunnel *hTunnel) +{ + if (!g_aiccu->makebeats) + { + D(dolog(LOG_DEBUG, "aiccu_beat() - Beating disabled\n")); + return; + } + + D(dolog(LOG_DEBUG, "aiccu_beat() - Beating %s...\n", hTunnel->sType)); + + if (strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0) + { + heartbeat_beat(hTunnel); + } + else if (strcasecmp(hTunnel->sType, "ayiya") == 0) + { + ayiya_beat(); + } + else + { + D(dolog(LOG_DEBUG, "aiccu_beat() - No beat for %s!?\n", hTunnel->sType)); + } + + /* L2TP Hello's are handled inside TeePee */ } void aiccu_reconfig(struct TIC_Tunnel *hTunnel) { D(dolog(LOG_DEBUG, "aiccu_reconfig(%s)\n", hTunnel->sIPv6_Local);) - aiccu_os_reconfig(hTunnel); + if (!g_aiccu->noconfigure) aiccu_os_reconfig(hTunnel); } void aiccu_delete(struct TIC_Tunnel *hTunnel) { D(dolog(LOG_DEBUG, "aiccu_delete(%s)\n", hTunnel->sIPv6_Local);) - aiccu_os_delete(hTunnel); + if (!g_aiccu->noconfigure) aiccu_os_delete(hTunnel); } void aiccu_test(struct TIC_Tunnel *hTunnel, bool automatic) { - D(dolog(LOG_DEBUG, "aiccu_delete(%s)\n", hTunnel->sIPv6_Local);) + D(dolog(LOG_DEBUG, "aiccu_test()\n")); aiccu_os_test(hTunnel, automatic); } -void aiccu_exec(char *fmt, ...) +bool aiccu_exec(const char *fmt, ...) { #ifndef _WIN32 char buf[1024]; + int ret; va_list ap; + va_start(ap, fmt); vsnprintf(buf,sizeof(buf),fmt,ap); D(dolog(LOG_DEBUG, "aiccu_os_exec(\"%s\")\n", buf)); - system(buf); + ret = system(buf); + if (ret == -1) dolog(LOG_WARNING, "Execution of \"%s\" failed!? 
(Please check if the command is available)\n", buf); va_end(ap); #endif + return true; } -#define AICCU_LICENSE_PART1 "\ -Copyright (C) SixXS\n\ +#define SIXXS_LICENSE_PART1 "\ +The SixXS License - http://www.sixxs.net/\n\ +\n\ +Copyright (C) SixXS Staff \n\ All rights reserved.\n\ \n\ Redistribution and use in source and binary forms, with or without\n\ 
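Review bot: aiccu_exec() hands the formatted buffer to `system()` without checking the `vsnprintf()` result and then returns true on every path, so a truncated command line is still run by the shell and callers such as the new `return aiccu_exec(...)` in aiccu_aix.c can never see a failure. Only `ret == -1` is treated as an error; a non-zero exit status from ifconfig, route or ip passes silently. Because the `%s` arguments (interface name from the config, addresses from the tunnel record, presumably filled from the server's reply) are interpreted by /bin/sh, they should be validated as interface names and address literals before they get here. In the same hunk aiccu_FreeConfig() frees `setupscript` and `pidfile` but not the `protocol`, `server` and `local_ipv4_override` strings that the config table and aiccu_InitConfig() allocate. A stricter aiccu_exec() is sketched below; it needs `<sys/wait.h>` for the status macros, and whether a non-zero exit should be fatal has to be decided per call site.

```c
bool aiccu_exec(const char *fmt, ...)
{
#ifndef _WIN32
	char buf[1024];
	int ret, len;
	va_list ap;

	va_start(ap, fmt);
	len = vsnprintf(buf, sizeof(buf), fmt, ap);
	va_end(ap);

	/* Never hand a truncated command line to the shell */
	if (len < 0 || (size_t)len >= sizeof(buf))
	{
		dolog(LOG_ERR, "Command line too long, not executing it\n");
		return false;
	}

	D(dolog(LOG_DEBUG, "aiccu_os_exec(\"%s\")\n", buf));
	ret = system(buf);
	if (ret == -1 || !WIFEXITED(ret) || WEXITSTATUS(ret) != 0)
	{
		dolog(LOG_WARNING, "Execution of \"%s\" failed!? (Please check if the command is available)\n", buf);
		return false;
	}
#endif
	return true;
}
```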
@@ -199,38 +374,17 @@ 1. Redistributions of source code must retain the above copyright\n\ notice, this list of conditions and the following disclaimer.\n" -#define AICCU_LICENSE_PART2 "\ +#define SIXXS_LICENSE_PART2 "\ 2. Redistributions in binary form must reproduce the above copyright\n\ notice, this list of conditions and the following disclaimer in the\n\ documentation and/or other materials provided with the distribution.\n\ 3. Neither the name of SixXS nor the names of its contributors\n\ may be used to endorse or promote products derived from this software\n\ - without specific prior permission.\n" - -#define AICCU_LICENSE_PART3 "\ -4. One should not remove any reference to, or logo of, SixXS.\n\ -5. When the software is altered to not use SixXS services, one is kindly\n\ - asked to notify SixXS of this by sending an email to the SixXS Staff\n\ - at info@sixxs.net, containing at least the following details:\n\ - 8<--------\n\ - Organisation : Organisation Name\n\ - Email : mailbox@example.com\n\ - Website : http://www.example.com\n\ - is using software for:\n" - -#define AICCU_LICENSE_PART4 "\ - <\n\ - description of:\n\ - the usage\n\ - the reason why it was modified\n\ - >\n\ - -------->8\n\ - Additional information details may of course be provided.\n\ - We request this to be able to know why people would choose not to\n\ - use the services provided by SixXS and the participating ISP's.\n\ - \n" + without specific prior permission.\n\ +\n\ +\n" -#define AICCU_LICENSE_PART5 "\ +#define SIXXS_LICENSE_PART3 "\ THIS SOFTWARE IS PROVIDED BY SIXXS AND CONTRIBUTORS ``AS IS'' AND\n\ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n\ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\n\ 
@@ -238,7 +392,7 @@ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n\ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\n" -#define AICCU_LICENSE_PART6 "\ +#define SIXXS_LICENSE_PART4 "\ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n\ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\n\ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\n\ @@ -250,7 +404,7 @@ #ifndef NOPEDANTIC /* * Pedantic doesn't allow this long strings, thus we will - * play nice and malloc it, copy them in seperatly and + * play nice and malloc it, copy them in separately and * then return the buffer. * What we don't do for compliancy.... */ 
@@ -263,35 +417,28 @@ * remove them and tada one big text... */ static char - l1[] = AICCU_LICENSE_PART1, - l2[] = AICCU_LICENSE_PART2, - l3[] = AICCU_LICENSE_PART3, - l4[] = AICCU_LICENSE_PART4, - l5[] = AICCU_LICENSE_PART5, - l6[] = AICCU_LICENSE_PART6; + l1[] = SIXXS_LICENSE_PART1, + l2[] = SIXXS_LICENSE_PART2, + l3[] = SIXXS_LICENSE_PART3, + l4[] = SIXXS_LICENSE_PART4; size_t a = strlen(l1), b = strlen(l2), c = strlen(l3), - d = strlen(l4), - e = strlen(l5), - f = strlen(l6); + d = strlen(l4); /* Create the 'long' string our selves then */ - license = (char *)malloc(a+b+c+d+e+f); + license = (char *)malloc(a+b+c+d+1); if (!license) return NULL; + memset(license, 0, a+b+c+d+1); memcpy(license , l1, a); memcpy(license + a, l2, b); memcpy(license + a + b, l3, c); memcpy(license + a + b + c, l4, d); - memcpy(license + a + b + c + d, l5, e); - memcpy(license + a + b + c + d + e, l6, f); } return license; #else - return AICCU_LICENSE_PART1 AICCU_LICENSE_PART2 AICCU_LICENSE_PART3 - AICCU_LICENSE_PART4 AICCU_LICENSE_PART5 AICCU_LICENSE_PART6; + return SIXXS_LICENSE_PART1 SIXXS_LICENSE_PART2 SIXXS_LICENSE_PART3 SIXXS_LICENSE_PART4; #endif } - diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_darwin.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_darwin.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_darwin.c 2005-02-04 18:38:45.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_darwin.c 2007-01-07 18:02:11.000000000 +0100 
@@ -6,19 +6,20 @@ common/aiccu_darwin.c - Darwin *********************************************************** $Author: jeroen $ - $Id: aiccu_darwin.c,v 1.6 2005/02/04 17:38:45 jeroen Exp $ - $Date: 2005/02/04 17:38:45 $ + $Id: aiccu_darwin.c,v 1.11 2007-01-07 17:02:11 jeroen Exp $ + $Date: 2007-01-07 17:02:11 $ **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", @@ -27,37 +28,39 @@ hTunnel->sIPv4_POP); } + /* Bring the interface up */ aiccu_exec( "ifconfig %s up", g_aiccu->ipv6_interface); - - if (strcmp(hTunnel->sType, "ayiya") == 0) - { - aiccu_exec( - "ifconfig %s inet6 %s prefixlen 64 alias", - g_aiccu->ipv6_interface, - hTunnel->sIPv6_LinkLocal); - } + /* Configure the MTU */ aiccu_exec( - "ifconfig %s inet6 %s prefixlen 128 alias", + "ifconfig %s mtu %u", g_aiccu->ipv6_interface, - hTunnel->sIPv6_Local); - - aiccu_exec( - "route add -inet6 %s -prefixlen 128 %s", - hTunnel->sIPv6_POP, - hTunnel->sIPv6_Local); + hTunnel->nMTU); + /* PtP link, so we can use the PtP syntax */ aiccu_exec( - "route add -inet6 %s %s", - "default", + "ifconfig %s inet6 %s %s prefixlen 128 alias", + g_aiccu->ipv6_interface, + hTunnel->sIPv6_Local, hTunnel->sIPv6_POP); + + /* Configure a path to the other side */ + if (g_aiccu->defaultroute) + { + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } + + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", 
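Review bot: In aiccu_os_setup() of aiccu_darwin.c, `hTunnel->nMTU` goes into `"ifconfig %s mtu %u"` without a range check, and the value presumably comes from the tunnel record the server returns; the Linux code this diff replaces hard-coded 1280, the IPv6 minimum link MTU. Reject or clamp it before use, for example `if (hTunnel->nMTU < 1280) { dolog(LOG_ERR, "Invalid MTU %u\n", hTunnel->nMTU); return false; }`, ideally once where the tunnel record is parsed rather than in each OS file. The same unchecked `%u` appears in the aiccu_freebsd4.c, aiccu_kame.c, aiccu_linux.c, aiccu_openbsd.c and aiccu_openbsd2.c hunks; `%u` also requires `nMTU` to be an `unsigned int`, which is not visible here. This Darwin version also drops the `sIPv6_LinkLocal` alias that the FreeBSD, KAME and OpenBSD versions keep under `uses_tundev == 1`; if that is intentional a comment should say why. aiccu_os_reconfig()'s body continues outside the hunk.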
@@ -74,7 +77,7 @@ "ifconfig %s down", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ifconfig %s deletetunnel", diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_freebsd4.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_freebsd4.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_freebsd4.c 2005-01-31 20:16:36.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_freebsd4.c 2007-01-07 18:05:23.000000000 +0100 @@ -6,24 +6,27 @@ common/aiccu_freebsd4.c - FreeBSD 3.x/4.x *********************************************************** $Author: jeroen $ - $Id: aiccu_freebsd4.c,v 1.7 2005/01/31 19:16:36 jeroen Exp $ - $Date: 2005/01/31 19:16:36 $ + $Id: aiccu_freebsd4.c,v 1.11 2007-01-07 17:05:23 jeroen Exp $ + $Date: 2007-01-07 17:05:23 $ **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { + /* Create the tunnel device */ aiccu_exec( "/sbin/ifconfig %s create", g_aiccu->ipv6_interface); + /* Configure the endpoint */ aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", g_aiccu->ipv6_interface, 
@@ -31,38 +34,55 @@ hTunnel->sIPv4_POP); } + /* Mark the interface up */ aiccu_exec( "ifconfig %s up", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") == 0) + /* Configure the MTU */ + aiccu_exec( + "ifconfig %s mtu %u", + g_aiccu->ipv6_interface, + hTunnel->nMTU); + + if (hTunnel->uses_tundev == 1) { + /* Give it a link local address */ aiccu_exec( "ifconfig %s inet6 %s prefixlen 64 alias", g_aiccu->ipv6_interface, hTunnel->sIPv6_LinkLocal); } + /* Local side of the tunnel */ aiccu_exec( "ifconfig %s inet6 %s prefixlen 128 alias", g_aiccu->ipv6_interface, hTunnel->sIPv6_Local); + /* Route to the remote side of the tunnel */ aiccu_exec( "route add -inet6 %s -prefixlen 128 %s", hTunnel->sIPv6_POP, hTunnel->sIPv6_Local); - aiccu_exec( - "route add -inet6 %s %s", - "default", - hTunnel->sIPv6_POP); + if (g_aiccu->defaultroute) + { + /* Add a default route */ + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } + + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { + /* Change the endpoints of the tunnel */ aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", g_aiccu->ipv6_interface, @@ -74,12 +94,15 @@ void aiccu_os_delete(struct TIC_Tunnel *hTunnel) { hTunnel = hTunnel; + + /* Mark the interface down */ aiccu_exec( "ifconfig %s down", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { + /* Destroy the tunnel */ aiccu_exec( "ifconfig %s destroy", g_aiccu->ipv6_interface); diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu.h /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu.h 2005-01-31 20:05:52.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu.h 2007-01-15 13:01:43.000000000 +0100 
@@ -7,8 +7,8 @@ All compile-time configurable items are in this file *********************************************************** $Author: jeroen $ - $Id: aiccu.h,v 1.4 2005/01/31 19:05:52 jeroen Exp $ - $Date: 2005/01/31 19:05:52 $ + $Id: aiccu.h,v 1.23 2007-01-15 12:01:43 jeroen Exp $ + $Date: 2007-01-15 12:01:43 $ **********************************************************/ #ifndef AICCU_H @@ -18,12 +18,24 @@ #include "tic.h" #include "heartbeat.h" #include "ayiya.h" +#include "resolver.h" + +#ifdef NEWSTUFF_TSP +#include "tsp.h" +#endif +#ifdef NEWSTUFF_TSP +#include "teepee.h" +#endif /* AICCU Version */ -#define AICCU_VER "2005.01.31" -#define AICCU_VERSION_NUM 2005,01,31,0 +#define AICCU_VER "2007.01.15" +#define AICCU_VERSION_NUM 2007,01,15,0 /* _NUM = required for Windows Resources */ +#ifdef _WIN32 +#define AICCU_TYPE "win32" +#endif + /* Append -gui or -console? */ #ifndef AICCU_CONSOLE #ifdef AICCU_TYPE @@ -43,6 +55,10 @@ #define TIC_CLIENT_NAME "AICCU" #define TIC_CLIENT_VERSION AICCU_VERSION +/* Needed for TSP */ +#define TSP_CLIENT_NAME TIC_CLIENT_NAME +#define TSP_CLIENT_VERSION TIC_CLIENT_VERSION + /* * AICCU configuration Cache * allows reconnects even when we don't update 
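Review bot: Both new include guards in aiccu.h test `NEWSTUFF_TSP`, so `teepee.h` is pulled in only when TSP is enabled, whereas aiccu.c wraps its `teepee(hTunnel)` call in `#ifdef NEWSTUFF_TEEPEE`. A build with only NEWSTUFF_TEEPEE defined would therefore call `teepee()` without a prototype. The second guard presumably should read `#ifdef NEWSTUFF_TEEPEE`.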
@@ -65,25 +81,50 @@ /* Inbound listen queue */ #define LISTEN_QUEUE 128 +#ifndef UNUSED +#ifdef _AIX +#define UNUSED +#else +#define UNUSED __attribute__ ((__unused__)) +#endif +#endif + /* AICCU Configuration */ struct AICCU_conf { + /* Only for AICCU */ + char *username; /* Username */ + char *password; /* Password */ + char *protocol; /* TIC/TSP/L2TP */ + char *server; /* TIC/TSP etc server */ + char *ipv6_interface; /* IPv6 interface (tunnel interface: sit0, tun0 etc) */ + char *tunnel_id; /* ID of the tunnel to use */ + char *local_ipv4_override; /* Local IPv4 override, for behind-NAT scenario's */ + char *setupscript; /* Script to run after having set up the tunnel */ + char *pidfile; /* File to store the PID */ + /* used by other parts */ - int daemonize; - bool verbose; - /* Only for AICCU */ - char *username; - char *password; - char *ipv4_interface; - char *ipv6_interface; - char *tunnel_id; + struct TIC_conf *tic; /* TIC Structure */ +#ifdef NEWSTUFF_TSP + struct TSP_conf *tsp; /* TSP Structure */ +#endif - bool automatic; /* Try to be totally automatic? */ +#ifdef AICCU_GNUTLS + gnutls_certificate_credentials tls_cred; /* GNUTLS credentials */ +#endif - bool behindnat; /* Behind a NAT */ + bool daemonize; /* Daemonize? */ + bool verbose; /* Verbosity */ + bool running; /* Still running? */ + bool tunrunning; /* Is the tundev running? */ - struct TIC_conf *tic; /* TIC Structure */ + bool automatic; /* Try to be totally automatic? */ + bool behindnat; /* Behind a NAT */ + bool requiretls; /* Require TLS for TIC? */ + bool makebeats; /* Make heartbeats? */ + bool noconfigure; /* No configuration (used to only send heartbeats) */ + bool defaultroute; /* Configure a default route */ }; /* Global configuration */ 
@@ -93,15 +134,26 @@ bool aiccu_InitConfig(void); bool aiccu_LoadConfig(const char *filename); bool aiccu_SaveConfig(const char *filename); -void aiccu_FreeConfig(); +void aiccu_FreeConfig(void); -void aiccu_install(); -void aiccu_setup(struct TIC_Tunnel *hTunnel, bool firstrun); +void aiccu_install(void); +bool aiccu_setup(struct TIC_Tunnel *hTunnel, bool firstrun); +void aiccu_beat(struct TIC_Tunnel *hTunnel); void aiccu_reconfig(struct TIC_Tunnel *hTunnel); void aiccu_delete(struct TIC_Tunnel *hTunnel); void aiccu_test(struct TIC_Tunnel *hTunnel, bool automatic); -void aiccu_exec(char *fmt, ...); -const char *aiccu_license(); +bool aiccu_exec(const char *fmt, ...); +const char *aiccu_license(void); -#endif /* AICCU_H */ +/* OS Specific */ +bool aiccu_os_install(void); +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel); +void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel); +void aiccu_os_delete(struct TIC_Tunnel *hTunnel); +void aiccu_os_test(struct TIC_Tunnel *hTunnel, bool automatic); + +#ifdef _WIN32 +void aiccu_win32_rename_adapter(const char *orig); +#endif +#endif /* AICCU_H */ diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_kame.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_kame.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_kame.c 2005-01-31 21:32:50.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_kame.c 2007-01-11 16:11:27.000000000 +0100 
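Review bot: `aiccu_exec()` is a printf-style function whose output is run by the shell, but its prototype carries no format attribute, so the compiler cannot check the `%s`/`%u` arguments at the many call sites in the OS files. Following the `UNUSED` pattern this header introduces, add a guarded macro (the name is only a suggestion), `#define ATTR_FORMAT(t, f, a) __attribute__((__format__(t, f, a)))` with an empty definition under `_AIX`, and declare `bool aiccu_exec(const char *fmt, ...) ATTR_FORMAT(printf, 1, 2);`. The prototype also deserves a comment saying that the return value is currently always true and that arguments must already be validated, since they reach `system()`.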
@@ -6,19 +6,20 @@ common/aiccu_kame.c - NetBSD + FreeBSD 5.x+ *********************************************************** $Author: jeroen $ - $Id: aiccu_kame.c,v 1.8 2005/01/31 20:32:50 jeroen Exp $ - $Date: 2005/01/31 20:32:50 $ + $Id: aiccu_kame.c,v 1.15 2007-01-11 15:11:27 jeroen Exp $ + $Date: 2007-01-11 15:11:27 $ **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s create", @@ -35,33 +36,41 @@ "ifconfig %s up", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") == 0) + aiccu_exec( + "ifconfig %s mtu %u", + g_aiccu->ipv6_interface, + hTunnel->nMTU); + + if (hTunnel->uses_tundev == 1) { + /* Configure a generated linklocal address */ aiccu_exec( "ifconfig %s inet6 %s prefixlen 64 alias", g_aiccu->ipv6_interface, hTunnel->sIPv6_LinkLocal); } + /* PtP link, so we can use the PtP syntax */ aiccu_exec( - "ifconfig %s inet6 %s prefixlen 128 alias", + "ifconfig %s inet6 %s %s prefixlen 128 alias", g_aiccu->ipv6_interface, - hTunnel->sIPv6_Local); + hTunnel->sIPv6_Local, + hTunnel->sIPv6_POP); - aiccu_exec( - "route add -inet6 %s -prefixlen 128 %s", - hTunnel->sIPv6_POP, - hTunnel->sIPv6_Local); + if (g_aiccu->defaultroute) + { + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } - aiccu_exec( - "route add -inet6 %s %s", - "default", - hTunnel->sIPv6_POP); + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", 
@@ -78,7 +87,7 @@ "ifconfig %s down", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ifconfig %s deletetunnel", diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_linux.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_linux.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_linux.c 2005-01-31 20:16:36.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_linux.c 2007-01-15 13:18:58.000000000 +0100 
@@ -6,21 +6,42 @@ common/aiccu_linux.c - AICCU Linux Abstracted functions *********************************************************** $Author: jeroen $ - $Id: aiccu_linux.c,v 1.7 2005/01/31 19:16:36 jeroen Exp $ - $Date: 2005/01/31 19:16:36 $ + $Id: aiccu_linux.c,v 1.15 2007-01-15 12:18:58 jeroen Exp $ + $Date: 2007-01-15 12:18:58 $ **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { - /* Just try to load it, doesn't really matter if it fails */ - system("modprobe -q ipv6 2>/dev/null >/dev/null"); + /* Check if IPv6 support is available */ + if (access("/proc/net/if_inet6", F_OK)) + { + /* Doing the modprobe doesn't guarantee success unfortunately */ + (void)system("modprobe -q ipv6 2>/dev/null >/dev/null"); + + /* Thus test it again */ + if (access("/proc/net/if_inet6", F_OK)) + { + dolog(LOG_ERR, "No IPv6 Stack found! Please check your kernel and module configuration\n"); + return false; + } + } + + /* Try to load modules (SIT tunnel, TUN/TAP) + * They can be kernel builtins and there is no easy + * way to check if they are loaded/built except for + * trying to use them and fail at that point + */ + (void)system("modprobe -q sit 2>/dev/null >/dev/null"); + (void)system("modprobe -q tun 2>/dev/null >/dev/null"); + + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ip tunnel add %s mode sit %s%s remote %s", @@ -35,10 +56,11 @@ g_aiccu->ipv6_interface); aiccu_exec( - "ip link set mtu 1280 dev %s", + "ip link set mtu %u dev %s", + hTunnel->nMTU, g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ip tunnel change %s ttl 64", 
@@ -60,16 +82,21 @@ hTunnel->nIPv6_PrefixLength, g_aiccu->ipv6_interface); - aiccu_exec( - "ip -6 ro add %s via %s dev %s", - "default", - hTunnel->sIPv6_POP, - g_aiccu->ipv6_interface); + if (g_aiccu->defaultroute) + { + aiccu_exec( + "ip -6 ro add %s via %s dev %s", + "default", + hTunnel->sIPv6_POP, + g_aiccu->ipv6_interface); + } + + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ip tunnel change %s local %s", @@ -85,7 +112,7 @@ "ip link set %s down", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "ip tunnel del %s", diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_openbsd2.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_openbsd2.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_openbsd2.c 2005-01-31 20:16:36.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_openbsd2.c 2007-01-07 17:37:50.000000000 +0100 @@ -6,21 +6,22 @@ common/aiccu_openbsd2.c - OpenBSD 2.7-2.9 *********************************************************** $Author: jeroen $ - $Id: aiccu_openbsd2.c,v 1.3 2005/01/31 19:16:36 jeroen Exp $ - $Date: 2005/01/31 19:16:36 $ + $Id: aiccu_openbsd2.c,v 1.7 2007-01-07 16:37:50 jeroen Exp $ + $Date: 2007-01-07 16:37:50 $ - Provided by Wouter Van Hemel + Original version provided by Wouter Van Hemel **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s giftunnel %s %s", 
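Review bot: aiccu_os_setup now returns bool, but the added `return true;` is unconditional, so a failed `ip` command is still reported to the caller as success. If aiccu_exec returns a status (its definition is not in this hunk), the results should be propagated, e.g. `if (!aiccu_exec("ip -6 ro add %s via %s dev %s", "default", hTunnel->sIPv6_POP, g_aiccu->ipv6_interface)) return false;`. The same unconditional `return true;` appears in the aiccu_openbsd2.c, aiccu_openbsd.c and aiccu_sunos.c versions. The function body starts outside this hunk.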
@@ -33,7 +34,12 @@ "ifconfig %s up", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") == 0) + aiccu_exec( + "ifconfig %s mtu %u", + g_aiccu->ipv6_interface, + hTunnel->nMTU); + + if (hTunnel->uses_tundev == 1) { aiccu_exec( "ifconfig %s inet6 %s prefixlen 64 alias", @@ -47,10 +53,15 @@ hTunnel->sIPv6_Local, hTunnel->sIPv6_POP); - aiccu_exec( - "route add -inet6 %s %s", - "default", - hTunnel->sIPv6_POP); + if (g_aiccu->defaultroute) + { + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } + + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_openbsd.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_openbsd.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_openbsd.c 2005-02-04 18:38:32.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_openbsd.c 2007-01-07 17:37:50.000000000 +0100 @@ -6,19 +6,20 @@ common/aiccu_openbsd.c - OpenBSD *********************************************************** $Author: jeroen $ - $Id: aiccu_openbsd.c,v 1.7 2005/01/31 19:16:36 jeroen Exp $ - $Date: 2005/01/31 19:16:36 $ + $Id: aiccu_openbsd.c,v 1.11 2007-01-07 16:37:50 jeroen Exp $ + $Date: 2007-01-07 16:37:50 $ **********************************************************/ #include "aiccu.h" -void aiccu_os_install() +bool aiccu_os_install(void) { + return true; } -void aiccu_os_setup(struct TIC_Tunnel *hTunnel) +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) { - if (strcmp(hTunnel->sType, "ayiya") != 0) + if (hTunnel->uses_tundev == 0) { aiccu_exec( "/sbin/ifconfig %s tunnel %s %s", @@ -31,7 +32,12 @@ "ifconfig %s up", g_aiccu->ipv6_interface); - if (strcmp(hTunnel->sType, "ayiya") == 0) + aiccu_exec( + "ifconfig %s mtu %u", + g_aiccu->ipv6_interface, + hTunnel->nMTU); + + if (hTunnel->uses_tundev == 1) { aiccu_exec( "ifconfig %s inet6 %s prefixlen 64 alias", 
@@ -45,10 +51,15 @@ hTunnel->sIPv6_Local, hTunnel->sIPv6_POP); - aiccu_exec( - "route add -inet6 %s %s", - "default", - hTunnel->sIPv6_POP); + if (g_aiccu->defaultroute) + { + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } + + return true; } void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) @@ -66,8 +77,12 @@ aiccu_exec( "ifconfig %s down", g_aiccu->ipv6_interface); - aiccu_exec( - "ifconfig %s deletetunnel", - g_aiccu->ipv6_interface); + + if (hTunnel->uses_tundev == 0) + { + aiccu_exec( + "ifconfig %s deletetunnel", + g_aiccu->ipv6_interface); + } } diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_sunos.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_sunos.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_sunos.c 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_sunos.c 2006-07-23 16:55:14.000000000 +0200 
@@ -0,0 +1,74 @@ +/********************************************************** + SixXS - Automatic IPv6 Connectivity Configuration Utility +*********************************************************** + Copyright 2003-2005 SixXS - http://www.sixxs.net +*********************************************************** + common/aiccu_sunos.c - Sun Solaris / SunOS + + ipv6_interface has to be eg ip.tun0 +*********************************************************** + $Author: jeroen $ + $Id: aiccu_sunos.c,v 1.3 2006-07-23 14:13:57 jeroen Exp $ + $Date: 2006-07-23 14:13:57 $ +**********************************************************/ + +#include "aiccu.h" + +bool aiccu_os_install(void) +{ + return true; +} + +bool aiccu_os_setup(struct TIC_Tunnel *hTunnel) +{ + if (hTunnel->uses_tundev == 0) + { + aiccu_exec( + "/sbin/ifconfig %s inet6 plumb tsrc %s tdst %s up", + g_aiccu->ipv6_interface, + strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? "0.0.0.0" : hTunnel->sIPv4_Local, + hTunnel->sIPv4_POP); + + aiccu_exec( + "ifconfig %s inet6 addif %s %s up", + g_aiccu->ipv6_interface, + hTunnel->sIPv6_Local, + hTunnel->sIPv6_POP); + } + else + { + dolog(LOG_DEBUG, "There is no Solaris support for tun-devices yet"); + exit(-1); + } + + if (g_aiccu->defaultroute) + { + aiccu_exec( + "route add -inet6 %s %s", + "default", + hTunnel->sIPv6_POP); + } + + return true; +} + +void aiccu_os_reconfig(struct TIC_Tunnel *hTunnel) +{ + if (hTunnel->uses_tundev == 0) + { + aiccu_exec( + "/sbin/ifconfig %s inet6 plumb tsrc %s tdst %s up", + g_aiccu->ipv6_interface, + strcmp(hTunnel->sIPv4_Local, "heartbeat") == 0 ? 
"0.0.0.0" : hTunnel->sIPv4_Local, + hTunnel->sIPv4_POP); + } +} + +void aiccu_os_delete(struct TIC_Tunnel *hTunnel) +{ + hTunnel = hTunnel; + aiccu_exec( + "ifconfig %s down", + g_aiccu->ipv6_interface); +} + diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_test.c /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_test.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/aiccu_test.c 2005-01-18 14:58:31.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/aiccu_test.c 2007-01-15 13:00:46.000000000 +0100 @@ -6,8 +6,8 @@ common/aiccu_test.c - AICCU Test function *********************************************************** $Author: jeroen $ - $Id: aiccu_test.c,v 1.4 2005/01/18 13:58:31 jeroen Exp $ - $Date: 2005/01/18 13:58:31 $ + $Id: aiccu_test.c,v 1.9 2007-01-15 12:00:46 jeroen Exp $ + $Date: 2007-01-15 12:00:46 $ **********************************************************/ #include "aiccu.h" @@ -24,9 +24,11 @@ #define TRACEROUTE6 "tracert6 %s" #endif -void system_arg(char *fmt, ...) +void system_arg(const char *fmt, ...); +void system_arg(const char *fmt, ...) { char buf[1024]; + int ret; va_list ap; va_start(ap, fmt); @@ -34,16 +36,19 @@ va_end(ap); fflush(stdout); - system(buf); + ret = system(buf); + if (ret == -1) dolog(LOG_WARNING, "Execution of \"%s\" failed!? (Please check if the command is available)\n", buf); } #define PINGCOUNT 3 -#define TOTTESTS 8 +bool test_ask(bool automatic); bool test_ask(bool automatic) { char buf[100]; + if (!g_aiccu->running) return false; + printf("\n######\n"); printf("\n"); @@ -51,7 +56,7 @@ printf("Did this work? [Y/n] "); - fgets(buf, sizeof(buf), stdin); + if (fgets(buf, sizeof(buf), stdin) == NULL) return false; printf("\n"); 
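Review bot: In the new aiccu_sunos.c, the tun-device branch of aiccu_os_setup logs at LOG_DEBUG and then calls `exit(-1)`, which bypasses any cleanup in the caller and may hide the reason at normal log levels. Since the function returns bool, `dolog(LOG_ERR, "There is no Solaris support for tun-devices yet"); return false;` would report the failure through the normal path. aiccu_os_reconfig and aiccu_os_delete would each benefit from a one-line comment saying why reconfig plumbs the interface again and why delete only brings it down.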
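Review bot: The new check `if (ret == -1)` in system_arg only fires when system() could not start the shell. A missing ping or traceroute binary makes the shell exit with status 127, so the "Please check if the command is available" warning does not appear for the case it describes. On POSIX builds the test could be `if (ret == -1 || (WIFEXITED(ret) && WEXITSTATUS(ret) == 127))`, which needs `<sys/wait.h>`; the Windows build needs its own check. The command line is built from tunnel fields such as `hTunnel->sIPv4_POP` and handed to a shell, so those fields should be validated as plain addresses where they are parsed, which is outside this hunk.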
@@ -61,9 +66,10 @@ void aiccu_os_test(struct TIC_Tunnel *hTunnel, bool automatic) { unsigned int t = 1; + unsigned int tottests = 8; - /* Make sure we have a correct local IPv4 address for heartbeats */ - if (strcmp(hTunnel->sType, "6in4-heartbeat") == 0) + /* Make sure we have a correct local IPv4 address for some tests */ + if (strcmp(hTunnel->sType, "6in4-static") != 0) { heartbeat_socket(NULL, 0, "", &hTunnel->sIPv4_Local, 
@@ -71,57 +77,59 @@ NULL); } + if (!g_aiccu->running) return; + printf("#######\n"); printf("####### AICCU Quick Connectivity Test\n"); printf("#######\n\n"); printf("####### [%u/%u] Ping the IPv4 Local/Your Outer Endpoint (%s)\n", - t++, TOTTESTS, hTunnel->sIPv4_Local); + t++, tottests, hTunnel->sIPv4_Local); printf("### This should return so called 'echo replies'\n"); printf("### If it doesn't then check your firewall settings\n"); printf("### Your local endpoint should always be pingable\n"); printf("### It could also indicate problems with your IPv4 stack\n"); printf("\n"); system_arg(PING4, PINGCOUNT, hTunnel->sIPv4_Local); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; - printf("####### [%u/%u] Ping the IPv4 Remote/POP Outer Endpoint (%s)\n", - t++, TOTTESTS, hTunnel->sIPv4_POP); - printf("### These pings should reach the POP and come back to you\n"); + printf("####### [%u/%u] Ping the IPv4 Remote/PoP Outer Endpoint (%s)\n", + t++, tottests, hTunnel->sIPv4_POP); + printf("### These pings should reach the PoP and come back to you\n"); printf("### In case there are problems along the route between your\n"); - printf("### host and the POP this could not return replies\n"); + printf("### host and the PoP this could not return replies\n"); printf("### Check your firewall settings if problems occur\n"); printf("\n"); system_arg(PING4, PINGCOUNT, hTunnel->sIPv4_POP); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; - printf("####### [%u/%u] Traceroute to the POP (%s) over IPv4\n", - t++, TOTTESTS, hTunnel->sIPv4_POP); - printf("### This traceroute should reach the POP\n"); + printf("####### [%u/%u] Traceroute to the PoP (%s) over IPv4\n", + t++, tottests, hTunnel->sIPv4_POP); + printf("### This traceroute should reach the PoP\n"); printf("### In case this traceroute fails then you have no connectivity\n"); - printf("### to the POP and this is most probably the problem\n"); + 
printf("### to the PoP and this is most probably the problem\n"); printf("\n"); system_arg(TRACEROUTE4, hTunnel->sIPv4_POP); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; printf("###### [%u/%u] Checking if we can ping IPv6 localhost (::1)\n", - t++, TOTTESTS); + t++, tottests); printf("### This confirms if your IPv6 is working\n"); printf("### If ::1 doesn't reply then something is wrong with your IPv6 stack\n"); printf("\n"); system_arg(PING6, PINGCOUNT, "::1"); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; printf("###### [%u/%u] Ping the IPv6 Local/Your Inner Tunnel Endpoint (%s)\n", - t++, TOTTESTS, hTunnel->sIPv6_Local); + t++, tottests, hTunnel->sIPv6_Local); printf("### This confirms that your tunnel is configured\n"); printf("### If it doesn't reply then check your interface and routing tables\n"); printf("\n"); system_arg(PING6, PINGCOUNT, hTunnel->sIPv6_Local); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; - printf("###### [%u/%u] Ping the IPv6 Remote/POP Inner Tunnel Endpoint (%s)\n", - t++, TOTTESTS, hTunnel->sIPv6_POP); + printf("###### [%u/%u] Ping the IPv6 Remote/PoP Inner Tunnel Endpoint (%s)\n", + t++, tottests, hTunnel->sIPv6_POP); printf("### This confirms the reachability of the other side of the tunnel\n"); printf("### If it doesn't reply then check your interface and routing tables\n"); printf("### Don't forget to check your firewall of course\n"); 
@@ -129,27 +137,27 @@ printf("### a firewalling and a routing/interface problem\n"); printf("\n"); system_arg(PING6, PINGCOUNT, hTunnel->sIPv6_POP); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; printf("###### [%u/%u] Traceroute6 to the central SixXS machine (noc.sixxs.net)\n", - t++, TOTTESTS); + t++, tottests); printf("### This confirms that you can reach the central machine of SixXS\n"); printf("### If that one is reachable you should be able to reach most IPv6 destinations\n"); printf("### Also check http://www.sixxs.net/ipv6calc/ which should show an IPv6 connection\n"); printf("### If your browser supports IPv6 and uses it of course.\n"); printf("\n"); system_arg(TRACEROUTE6, "noc.sixxs.net"); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; printf("###### [%u/%u] Traceroute6 to (www.kame.net)\n", - t++, TOTTESTS); + t++, tottests); printf("### This confirms that you can reach a Japanese IPv6 destination\n"); printf("### If that one is reachable you should be able to reach most IPv6 destinations\n"); printf("### You should also check http://www.kame.net which should display\n"); printf("### a animated kame (turtle), of course only when your browser supports and uses IPv6\n"); printf("\n"); system_arg(TRACEROUTE6, "www.kame.net"); - if (!test_ask(automatic)) return; + if (!test_ask(automatic) || !g_aiccu->running) return; printf("###### ACCU Quick Connectivity Test (done)\n\n"); diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/ayiya.c /tmp/0dDlfsosXk/aiccu-20070115/common/ayiya.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/ayiya.c 2005-01-17 14:37:36.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/ayiya.c 2007-01-09 23:45:09.000000000 +0100 
@@ -6,20 +6,21 @@ common/ayiya.c - AYIYA - Anything In Anything *********************************************************** $Author: jeroen $ - $Id: ayiya.c,v 1.6 2005/01/17 13:37:36 jeroen Exp $ - $Date: 2005/01/17 13:37:36 $ + $Id: ayiya.c,v 1.15 2007-01-07 16:17:48 jeroen Exp $ + $Date: 2007-01-07 16:17:48 $ **********************************************************/ #include "aiccu.h" #include "ayiya.h" #include "tic.h" +#include "tun.h" struct pseudo_ayh { struct ayiyahdr ayh; struct in6_addr identity; sha1_byte hash[SHA1_DIGEST_LENGTH]; - unsigned char payload[2048]; + char payload[2048]; }; struct in_addr ayiya_ipv4_pop; /* IPv4 remote endpoint */ 
@@ -27,29 +28,14 @@ ayiya_ipv6_pop; /* IPv6 remote endpoint */ sha1_byte ayiya_hash[SHA1_DIGEST_LENGTH]; /* SHA1 Hash of the shared secret. */ -/* The tun/tap device HANDLE */ -#ifndef _WIN32 -int ayiya_fd; -#else -HANDLE device_handle = INVALID_HANDLE_VALUE; -#define ETH_P_IPV6 0x86dd -#define ETH_ALEN 6 -struct ether_header -{ - u_int8_t ether_dhost[ETH_ALEN]; /* destination eth addr */ - u_int8_t ether_shost[ETH_ALEN]; /* source ether addr */ - u_int16_t ether_type; /* packet type ID field */ -}; -#endif - -SOCKET ayiya_socket = -1; +TLSSOCKET ayiya_socket = NULL; -/* Tap device constants which we use */ -#define TAP_CONTROL_CODE(request,method) CTL_CODE(FILE_DEVICE_PHYSICAL_NETCARD | 8000, request, method, FILE_ANY_ACCESS) -#define TAP_IOCTL_CONFIG_POINT_TO_POINT TAP_CONTROL_CODE(6, METHOD_BUFFERED) -#define TAP_IOCTL_SET_MEDIA_STATUS TAP_CONTROL_CODE(7, METHOD_BUFFERED) +static const char reader_name[] = "tundev->tun"; +static const char writer_name[] = "tun->tundev"; +static const char beat_name[] = "beat"; -void ayiya_log(int level, struct sockaddr_storage *clientaddr, socklen_t addrlen, const char *fmt, ...) +void ayiya_log(int level, const char *what, struct sockaddr_storage *clientaddr, socklen_t addrlen, const char *fmt, ...); +void ayiya_log(int level, const char *what, struct sockaddr_storage *clientaddr, socklen_t addrlen, const char *fmt, ...) { char buf[1024]; char clienthost[NI_MAXHOST]; @@ -70,12 +56,13 @@ NI_NUMERICHOST|NI_NUMERICSERV); if (ret != 0) { - printf("ret: %d, errno: %u, %s\n", ret, errno, strerror(errno)); + dolog(LOG_ERR, "ayiya_log() getnameinfo() ret: %d, errno: %u, %s\n", ret, errno, strerror(errno)); } } - + /* Print the host+port this is coming from */ - snprintf(buf, sizeof(buf), "[AYIYA]%s%s%s%s : ", + snprintf(buf, sizeof(buf), "[AYIYA-%s]%s%s%s%s : ", + what, clientaddr ? " [" : "", clientaddr ? clienthost : "" , clientaddr ? "]:" : "", 
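Review bot: ayiya_log passes its assembled buffer to the logger as the format string, `dolog(level, buf);` (visible as context at the top of the next hunk), and this hunk adds another caller-supplied piece, `what`, to that buffer. dolog is used printf-style elsewhere in this diff, so any `%` that reaches `buf` through the formatted arguments would be interpreted a second time. Passing the buffer as data, `dolog(level, "%s", buf);`, avoids that. The added getnameinfo error line also prints `errno` with `%u`; `%d` matches its type.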
@@ -90,136 +77,85 @@ dolog(level, buf); } -/* Tap -> Socket */ -#ifndef _WIN32 -void *ayiya_reader(void *arg) -#else -DWORD WINAPI ayiya_reader(LPVOID arg) -#endif +/* Tun -> Socket */ +void ayiya_reader(char *buf, unsigned int length); +void ayiya_reader(char *buf, unsigned int length) { - unsigned char buf[2048]; struct pseudo_ayh *s = (struct pseudo_ayh *)buf, s2; int lenout; SHA_CTX sha1; sha1_byte hash[SHA1_DIGEST_LENGTH]; struct sockaddr_in target; -#ifdef _WIN32 - DWORD n; - OVERLAPPED overlapped; - - /* Create an event for overlapped results */ - overlapped.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); -#else - ssize_t n; - /* use the param and let gcc not complain */ - arg = NULL; -#endif - - ayiya_log(LOG_INFO, NULL, 0, "Writer (TAP to Socket) started\n"); - - while (true) - { - /* We tunnel over IPv4 */ - memcpy(&target.sin_addr, &ayiya_ipv4_pop, sizeof(target.sin_addr)); - target.sin_family = AF_INET; - target.sin_port = htons(atoi(AYIYA_PORT)); + /* We tunnel over IPv4 */ + memcpy(&target.sin_addr, &ayiya_ipv4_pop, sizeof(target.sin_addr)); + target.sin_family = AF_INET; + target.sin_port = htons(atoi(AYIYA_PORT)); - /* Prefill some standard AYIYA values */ - memset(&s, 0, sizeof(s)); - s2.ayh.ayh_idlen = 4; /* 2^4 = 16 bytes = 128 bits (IPv6 address) */ - s2.ayh.ayh_idtype = ayiya_id_integer; - s2.ayh.ayh_siglen = 5; /* 5*4 = 20 bytes = 160 bits (SHA1) */ - s2.ayh.ayh_hshmeth = ayiya_hash_sha1; - s2.ayh.ayh_autmeth = ayiya_auth_sharedsecret; - s2.ayh.ayh_opcode = ayiya_op_forward; - s2.ayh.ayh_nextheader = IPPROTO_IPV6; - - /* Our IPv6 side of this tunnel */ - memcpy(&s2.identity, &ayiya_ipv6_local, sizeof(s2.identity)); -#ifndef _WIN32 - n = read(ayiya_fd, s2.payload, sizeof(s2.payload)); - if (n <= 0) - { - ayiya_log(LOG_ERR, NULL, 0, "[writer] Error reading from device (%d): %s\n", errno, strerror(errno)); - continue; - } + /* Prefill some standard AYIYA values */ + memset(&s, 0, sizeof(s)); + s2.ayh.ayh_idlen = 4; /* 2^4 = 16 bytes = 128 bits 
(IPv6 address) */ + s2.ayh.ayh_idtype = ayiya_id_integer; + s2.ayh.ayh_siglen = 5; /* 5*4 = 20 bytes = 160 bits (SHA1) */ + s2.ayh.ayh_hshmeth = ayiya_hash_sha1; + s2.ayh.ayh_autmeth = ayiya_auth_sharedsecret; + s2.ayh.ayh_opcode = ayiya_op_forward; + s2.ayh.ayh_nextheader = IPPROTO_IPV6; + + /* Our IPv6 side of this tunnel */ + memcpy(&s2.identity, &ayiya_ipv6_local, sizeof(s2.identity)); + + /* The payload */ + memcpy(&s2.payload, buf, length); + + /* Fill in the current time */ + s2.ayh.ayh_epochtime = htonl((u_long)time(NULL)); + + /* + * The hash of the shared secret needs to be in the + * spot where we later put the complete hash + */ + memcpy(&s2.hash, ayiya_hash, sizeof(s2.hash)); -#ifndef DARWIN - if (s2.payload[2] != 0x86 || s2.payload[3] != 0xdd) - { - ayiya_log(LOG_ERR, NULL, 0, "[writer] Ignoring %02x%02x packet\n", s2.payload[2], s2.payload[3]); - continue; - } - /* get the tun_pi struct out of there */ - memmove(&s2.payload, &s2.payload[4], n-4); -#endif -#else - overlapped.Offset = 0; - overlapped.OffsetHigh = 0; - ResetEvent(overlapped.hEvent); - - n = ReadFile(device_handle, s2.payload, sizeof(s2.payload), &n, &overlapped); - if (!n) - { - if (GetLastError() == ERROR_IO_PENDING) - { - WaitForSingleObject(overlapped.hEvent, INFINITE); - if (!GetOverlappedResult(device_handle, &overlapped, &n, FALSE)) continue; - } - else - { - ayiya_log(LOG_ERR, NULL, 0, "[writer] Error reading from device (%d): %s\n", errno, strerror(errno)); - continue; - } - } -#endif - /* Fill in the current time */ - s2.ayh.ayh_epochtime = htonl((u_long)time(NULL)); + /* Generate a SHA1 */ + SHA1_Init(&sha1); + /* Hash the complete AYIYA packet */ + SHA1_Update(&sha1, (sha1_byte *)&s2, sizeof(s2)-sizeof(s2.payload)+length); + /* Store the hash in the packets hash */ + SHA1_Final(hash, &sha1); - /* - * The hash of the shared secret needs to be in the - * spot where we later put the complete hash - */ - memcpy(&s2.hash, ayiya_hash, sizeof(s2.hash)); + /* Store the hash in the 
actual packet */ + memcpy(&s2.hash, &hash, sizeof(s2.hash)); - /* Generate a SHA1 */ - SHA1_Init(&sha1); - /* Hash the complete AYIYA packet */ - SHA1_Update(&sha1, (sha1_byte *)&s2, sizeof(s2)-sizeof(s2.payload)+n); - /* Store the hash in the packets hash */ - SHA1_Final(hash, &sha1); - - /* Store the hash in the actual packet */ - memcpy(&s2.hash, &hash, sizeof(s2.hash)); - - /* Send it onto the network */ - n = sizeof(s2)-sizeof(s2.payload)+n; - lenout = sendto(ayiya_socket, (const char *)&s2, (unsigned int)n, 0, (struct sockaddr *)&target, sizeof(target)); - if (lenout < 0) - { - ayiya_log(LOG_ERR, NULL, 0, "[writer] Error (%d) while sending %u bytes sent to network (%d): %s)\n", lenout, n, errno, strerror(errno)); - } - else if (n != lenout) - { - ayiya_log(LOG_ERR, NULL, 0, "[writer] Only %u of %u bytes sent to network (%d): %s)\n", lenout, n, errno, strerror(errno)); - } - } -#ifndef _WIN32 - return NULL; + /* Send it onto the network */ + length = sizeof(s2)-sizeof(s2.payload)+length; +#if defined(_FREEBSD) || defined(_DFBSD) || defined(_OPENBSD) || defined(_DARWIN) || defined(_NETBSD) + lenout = send(ayiya_socket->socket, (const char *)&s2, length, 0); #else - return 0; + lenout = sendto(ayiya_socket->socket, (const char *)&s2, length, 0, (struct sockaddr *)&target, sizeof(target)); #endif + if (lenout < 0) + { + ayiya_log(LOG_ERR, reader_name, NULL, 0, "Error (%d) while sending %u bytes to network: %s (%d)\n", lenout, length, strerror(errno), errno); + } + else if (length != (unsigned int)lenout) + { + ayiya_log(LOG_ERR, reader_name, NULL, 0, "Only %u of %u bytes sent to network: %s (%s)\n", lenout, length, strerror(errno), errno); + } } -/* Socket -> Tap */ +struct tun_reader ayiya_tun = { (TUN_PROCESS)ayiya_reader }; + +/* Socket -> Tun */ #ifndef _WIN32 -void *ayiya_writer(void *arg) +void *ayiya_writer(void UNUSED *arg); +void *ayiya_writer(void UNUSED *arg) #else +DWORD WINAPI ayiya_writer(LPVOID arg); DWORD WINAPI ayiya_writer(LPVOID arg) #endif { - 
unsigned char buf[2048]; + unsigned char buf[2048]; struct pseudo_ayh *s = (struct pseudo_ayh *)buf; struct sockaddr_storage ci; socklen_t cl; @@ -228,27 +164,23 @@ SHA_CTX sha1; sha1_byte their_hash[SHA1_DIGEST_LENGTH], our_hash[SHA1_DIGEST_LENGTH]; -#ifdef _WIN32 - DWORD lenout; - OVERLAPPED overlapped = {0}; -#else - /* use the param and let gcc not complain */ - arg = NULL; -#endif - ayiya_log(LOG_INFO, NULL, 0, "Reader (Socket to TAP) started\n"); + ayiya_log(LOG_INFO, writer_name, NULL, 0, "(Socket to TUN) started\n"); + + /* Tun/TAP device is now running */ + g_aiccu->tunrunning = true; while (true) { cl = sizeof(ci); memset(buf, 0, sizeof(buf)); - n = recvfrom(ayiya_socket, (char *)buf, sizeof(buf), 0, (struct sockaddr *)&ci, &cl); + n = recvfrom(ayiya_socket->socket, (char *)buf, sizeof(buf), 0, (struct sockaddr *)&ci, &cl); if (n < 0) continue; if (n < (int)sizeof(struct ayiyahdr)) { - ayiya_log(LOG_WARNING, &ci, cl, "[reader] Packet too short"); + ayiya_log(LOG_WARNING, writer_name, &ci, cl, "Received packet is too short"); continue; } 
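Review bot: ayiya_reader copies `length` bytes into the 2048-byte `s2.payload` with `memcpy(&s2.payload, buf, length);` and never compares `length` with the buffer size, so the bound depends entirely on the tun code that calls it, which is not part of this hunk. Two further defects sit in the same function. `memset(&s, 0, sizeof(s));` clears the local pointer `s` rather than the packet `s2`, so any header bytes not assigned afterwards go onto the wire and into the hash uninitialised. The short-send message formats `errno` with `%s`, which is undefined behaviour when that branch runs. The fence below adds the length guard, zeroes the part of `s2` in front of the payload, and corrects the format specifier.

```c
void ayiya_reader(char *buf, unsigned int length)
{
	/* … unchanged: locals, target setup … */

	/* Refuse anything that does not fit the fixed payload buffer */
	if (length > sizeof(s2.payload))
	{
		ayiya_log(LOG_ERR, reader_name, NULL, 0, "Dropping packet of %u bytes, larger than the payload buffer\n", length);
		return;
	}

	/* Zero the header, identity and hash fields in front of the payload */
	memset(&s2, 0, sizeof(s2) - sizeof(s2.payload));

	/* … unchanged: header fields, identity, payload copy, hash, send … */

		ayiya_log(LOG_ERR, reader_name, NULL, 0, "Only %u of %u bytes sent to network: %s (%d)\n", lenout, length, strerror(errno), errno);
```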
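Review bot: The length check in ayiya_writer, `if (n < (int)sizeof(struct ayiyahdr))`, accepts packets that carry the header but not the identity and hash that the function goes on to read through `s`. Because `buf` is zeroed before each recvfrom(), those reads stay inside the buffer. However, if `payloadlen` is computed by subtracting the full fixed part from `n` (that line is outside this hunk), a short packet would produce a wrapped length. Comparing against the whole fixed part, `if (n < (int)(sizeof(*s) - sizeof(s->payload)))`, closes that gap. The function body continues outside the hunk.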
@@ -264,14 +196,14 @@ s->ayh.ayh_opcode != ayiya_op_echo_request_forward)) { /* Invalid AYIYA packet */ - ayiya_log(LOG_ERR, &ci, cl, "Dropping invalid AYIYA packet\n"); - ayiya_log(LOG_ERR, &ci, cl, "idlen: %u != %u\n", s->ayh.ayh_idlen, 4); - ayiya_log(LOG_ERR, &ci, cl, "idtype: %u != %u\n", s->ayh.ayh_idtype, ayiya_id_integer); - ayiya_log(LOG_ERR, &ci, cl, "siglen: %u != %u\n", s->ayh.ayh_siglen, 5); - ayiya_log(LOG_ERR, &ci, cl, "hshmeth: %u != %u\n", s->ayh.ayh_hshmeth, ayiya_hash_sha1); - ayiya_log(LOG_ERR, &ci, cl, "autmeth: %u != %u\n", s->ayh.ayh_autmeth, ayiya_auth_sharedsecret); - ayiya_log(LOG_ERR, &ci, cl, "nexth : %u != %u || %u\n", s->ayh.ayh_nextheader, IPPROTO_IPV6, IPPROTO_NONE); - ayiya_log(LOG_ERR, &ci, cl, "opcode : %u != %u || %u || %u\n", s->ayh.ayh_opcode, ayiya_op_forward, ayiya_op_echo_request, ayiya_op_echo_request_forward); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "Dropping invalid AYIYA packet\n"); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "idlen: %u != %u\n", s->ayh.ayh_idlen, 4); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "idtype: %u != %u\n", s->ayh.ayh_idtype, ayiya_id_integer); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "siglen: %u != %u\n", s->ayh.ayh_siglen, 5); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "hshmeth: %u != %u\n", s->ayh.ayh_hshmeth, ayiya_hash_sha1); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "autmeth: %u != %u\n", s->ayh.ayh_autmeth, ayiya_auth_sharedsecret); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "nexth : %u != %u || %u\n", s->ayh.ayh_nextheader, IPPROTO_IPV6, IPPROTO_NONE); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "opcode : %u != %u || %u || %u\n", s->ayh.ayh_opcode, ayiya_op_forward, ayiya_op_echo_request, ayiya_op_echo_request_forward); continue; } 
@@ -279,7 +211,7 @@ { memset(buf, 0, sizeof(buf)); inet_ntop(AF_INET6, &s->identity, (char *)&buf, sizeof(buf)); - ayiya_log(LOG_WARNING, &ci, cl, "[reader] Received packet from a wrong identity \"%s\"\n", buf); + ayiya_log(LOG_WARNING, writer_name, &ci, cl, "Received packet from a wrong identity \"%s\"\n", buf); continue; } @@ -289,7 +221,7 @@ { memset(buf, 0, sizeof(buf)); inet_ntop(AF_INET6, &s->identity, (char *)&buf, sizeof(buf)); - ayiya_log(LOG_WARNING, &ci, cl, "[reader] Time is %d seconds off for %s\n", i, buf); + ayiya_log(LOG_WARNING, writer_name, &ci, cl, "Time is %d seconds off for %s\n", i, buf); continue; } @@ -314,7 +246,7 @@ /* Compare the SHA1's */ if (memcmp(&their_hash, &our_hash, sizeof(their_hash)) != 0) { - ayiya_log(LOG_WARNING, &ci, cl, "[reader] Incorrect Hash received\n"); + ayiya_log(LOG_WARNING, writer_name, &ci, cl, "Incorrect Hash received\n"); continue; } 
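Review bot: The hash check in the last hunk here, `if (memcmp(&their_hash, &our_hash, sizeof(their_hash)) != 0)`, compares the authentication value with a function that may return at the first differing byte. The usual hardening for a keyed hash is a fixed-time comparison that ORs together the XOR of every byte pair and tests the result once. The surrounding function starts and ends outside these hunks.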
@@ -323,49 +255,18 @@ /* Verify that this is really IPv6 */ if (s->payload[0] >> 4 != 6) { - ayiya_log(LOG_ERR, &ci, cl, "[reader] Received packet didn't start with a 6, thus is not IPv6\n"); + ayiya_log(LOG_ERR, writer_name, &ci, cl, "Received packet didn't start with a 6, thus is not IPv6\n"); continue; } /* Forward the packet to the kernel */ -#ifndef _WIN32 - { - unsigned int c; -#ifdef linux - struct - { - struct tun_pi pi; - char payload[2048]; - } packet; - - memset(&packet, 0, sizeof(packet)); - - packet.pi.proto = htons(ETH_P_IPV6); - memcpy(&packet.payload, &s->payload, payloadlen); - - /* Forward the packet to the kernel */ - c = write(ayiya_fd, &packet, payloadlen+sizeof(struct tun_pi)); - if (c != payloadlen+sizeof(struct tun_pi)) - { - ayiya_log(LOG_ERR, &ci, cl, "[writer] Error while writing to TAP: %u != %u\n", c, payloadlen+sizeof(struct tun_pi)); - } -#else - c = write(ayiya_fd, &s->payload, payloadlen); - if (c != payloadlen) - { - ayiya_log(LOG_ERR, &ci, cl, "[writer] Error while writing to TAP: %u != %u\n", c, payloadlen); - } -#endif - - } -#else - if (!WriteFile(device_handle, &s->payload, payloadlen, &lenout, &overlapped)) - { - ayiya_log(LOG_ERR, &ci, cl, "[writer] Error while writing to TAP\n"); - } -#endif + tun_write(s->payload, payloadlen); } } + + /* Tun/TAP device is not running anymore */ + g_aiccu->tunrunning = false; + #ifndef _WIN32 return NULL; #else 
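Review bot: The added `g_aiccu->tunrunning = false;` sits after a `while (true)` loop whose visible exits are all `continue`, so unless a `break` exists outside this hunk the flag is never cleared and the thread cannot be asked to stop. Looping on the run flag used elsewhere in this diff, `while (g_aiccu->running)`, would make the trailing code reachable. The replaced code logged short writes to the device, while `tun_write(s->payload, payloadlen);` ignores whatever tun_write reports; if it returns a status, it should be checked here.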
@@ -373,112 +274,88 @@ #endif } -bool ayiya(struct TIC_Tunnel *hTunnel) +/* Construct a beat and send it outwards */ +void ayiya_beat(void) { - SHA_CTX sha1; - struct addrinfo hints, *res, *ressave; -#ifndef _WIN32 - pthread_t thread; -#ifdef linux - struct ifreq ifr; + SHA_CTX sha1; + sha1_byte hash[SHA1_DIGEST_LENGTH]; + struct sockaddr_in target; + struct pseudo_ayh s; + int lenout, n; - /* Create a new tap device */ - ayiya_fd = open("/dev/net/tun", O_RDWR); - if (ayiya_fd == -1) - { - ayiya_log(LOG_ERR, NULL, 0, "Couldn't open device %s (%d): %s\n", "/dev/net/tun", errno, strerror(errno)); - return false; - } + /* We tunnel over IPv4 */ + memcpy(&target.sin_addr, &ayiya_ipv4_pop, sizeof(target.sin_addr)); + target.sin_family = AF_INET; + target.sin_port = htons(atoi(AYIYA_PORT)); + + /* Prefill some standard AYIYA values */ + memset(&s, 0, sizeof(s)); + s.ayh.ayh_idlen = 4; /* 2^4 = 16 bytes = 128 bits (IPv6 address) */ + s.ayh.ayh_idtype = ayiya_id_integer; + s.ayh.ayh_siglen = 5; /* 5*4 = 20 bytes = 160 bits (SHA1) */ + s.ayh.ayh_hshmeth = ayiya_hash_sha1; + s.ayh.ayh_autmeth = ayiya_auth_sharedsecret; + s.ayh.ayh_opcode = ayiya_op_noop; + s.ayh.ayh_nextheader = IPPROTO_NONE; + + /* Our IPv6 side of this tunnel */ + memcpy(&s.identity, &ayiya_ipv6_local, sizeof(s.identity)); + + /* No Payload */ + + /* Fill in the current time */ + s.ayh.ayh_epochtime = htonl((u_long)time(NULL)); + + /* Our IPv6 side of this tunnel */ + memcpy(&s.identity, &ayiya_ipv6_local, sizeof(s.identity)); + + /* + * The hash of the shared secret needs to be in the + * spot where we later put the complete hash + */ + memcpy(&s.hash, ayiya_hash, sizeof(s.hash)); - memset(&ifr, 0, sizeof(ifr)); - /* Request a TUN device */ - ifr.ifr_flags = IFF_TUN; - /* Set the interface name */ - strncpy(ifr.ifr_name, g_aiccu->ipv6_interface, sizeof(ifr.ifr_name)); + /* Generate a SHA1 */ + SHA1_Init(&sha1); + /* Hash the complete AYIYA packet */ + SHA1_Update(&sha1, (sha1_byte *)&s, 
sizeof(s)-sizeof(s.payload)); + /* Store the hash in the packets hash */ + SHA1_Final(hash, &sha1); - if (ioctl(ayiya_fd, TUNSETIFF, &ifr)) - { - ayiya_log(LOG_ERR, NULL, 0, "Couldn't set interface name to %s (%d): %s\n", - g_aiccu->ipv6_interface, errno, strerror(errno)); - return false; - } -#else - int i; - ayiya_fd = -1; - for (i = 0; i < 256; ++i) - { - char buf[128]; - snprintf(buf, sizeof(buf), "/dev/tun%d", i); - ayiya_fd = open(buf, O_RDWR); - if (ayiya_fd >= 0) - { - break; - } - } - if (ayiya_fd < 0) - { - ayiya_log(LOG_ERR, NULL, 0, "Couldn't open device %s (%d): %s\n", "/dev/tun", errno, strerror(errno)); - return false; - } -#endif /* linux */ + /* Store the hash in the actual packet */ + memcpy(&s.hash, &hash, sizeof(s.hash)); + /* Send it onto the network */ + n = sizeof(s)-sizeof(s.payload); +#if defined(_FREEBSD) || defined(_DFBSD) || defined(_OPENBSD) || defined(_DARWIN) || defined(_NETBSD) + lenout = send(ayiya_socket->socket, (const char *)&s, (unsigned int)n, 0); #else - HKEY key; - DWORD pID; - HANDLE h; - int i; - - char adapterid[1024]; - char tapname[1024]; - DWORD len; - unsigned long status; - - /* Open registry and look for network adapters */ - if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, - "SYSTEM\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}", - 0, KEY_READ, &key)) - { - ayiya_log(LOG_ERR, NULL, 0, "Could not open the networking registry key\n"); - return false; - } - - for (i = 0; device_handle == INVALID_HANDLE_VALUE; i++) + lenout = sendto(ayiya_socket->socket, (const char *)&s, (unsigned int)n, 0, (struct sockaddr *)&target, sizeof(target)); +#endif + if (lenout < 0) { - len = sizeof(adapterid); - if (RegEnumKeyEx(key, i, adapterid, &len, 0, 0, 0, NULL)) break; - - snprintf(tapname, sizeof(tapname), "\\\\.\\%s.tap", adapterid); - ayiya_log(LOG_DEBUG, NULL, 0, "Trying %s\n", tapname); - device_handle = CreateFile(tapname, GENERIC_WRITE | GENERIC_READ, 0, 0, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM | 
FILE_FLAG_OVERLAPPED, 0); + ayiya_log(LOG_ERR, beat_name, NULL, 0, "Error (%d) while sending %u bytes sent to network: %s (%d)\n", lenout, n, strerror(errno), errno); } - - RegCloseKey(key); - - if (device_handle == INVALID_HANDLE_VALUE) + else if (n != lenout) { - ayiya_log(LOG_ERR, NULL, 0, "No Tap device found!\n"); - return false; + ayiya_log(LOG_ERR, beat_name, NULL, 0, "Only %u of %u bytes sent to network: %s (%d)\n", lenout, n, strerror(errno), errno); } +} - status = true; - DeviceIoControl(device_handle, TAP_IOCTL_SET_MEDIA_STATUS, &status, sizeof(status), &status, sizeof(status), &len, NULL); +bool ayiya(struct TIC_Tunnel *hTunnel) +{ + SHA_CTX sha1; + struct addrinfo hints, *res, *ressave; +#ifndef _WIN32 + pthread_t thread; +#else + DWORD pID; + HANDLE h; +#endif - { - u_int32_t ep[2]; - /* Use bogus IP's, we just want to get configured as PtP ;) */ - ep[0] = htonl(0x09044504); - ep[1] = htonl(0x09044505); - if (!DeviceIoControl(device_handle, TAP_IOCTL_CONFIG_POINT_TO_POINT, - ep, sizeof(ep), - ep, sizeof(ep), - &len, NULL)) - { - ayiya_log(LOG_ERR, NULL, 0, "Could not set point to point mode..."); - return false; - } - } + /* Setup the tunnel */ + if (!tun_start(&ayiya_tun)) return false; -#endif /* _WIN32 */ /* Resolve hTunnel entries */ memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = AF_INET; @@ -486,7 +363,7 @@ if (getaddrinfo(hTunnel->sIPv4_POP, AYIYA_PORT, &hints, &res) != 0) { - dolog(LOG_ERR, "Couldn't resolve POP IPv4 %s\n", hTunnel->sIPv4_POP); + dolog(LOG_ERR, "Couldn't resolve PoP IPv4 %s\n", hTunnel->sIPv4_POP); return false; } ressave = res; @@ -503,7 +380,7 @@ freeaddrinfo(ressave); if (res == NULL) { - dolog(LOG_ERR, "No valid IPv4 address for POP address %s could be found\n", hTunnel->sIPv4_POP); + dolog(LOG_ERR, "No valid IPv4 address for PoP address %s could be found\n", hTunnel->sIPv4_POP); return false; } 
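Review bot: ayiya_beat copies the identity twice: `memcpy(&s.identity, &ayiya_ipv6_local, sizeof(s.identity));` appears both before and after the epoch time is set, and the second copy can go. `lenout` and `n` are `int` but are printed with `%u` in both error messages. `target` is filled in even on the BSD branch, which calls `send()` and never uses it. The function also lacks a comment saying when a beat has to be sent and who is expected to call it.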
@@ -570,26 +447,27 @@ /* Setup listening socket */ ayiya_socket = connect_client(hTunnel->sIPv4_POP , AYIYA_PORT, AF_INET, SOCK_DGRAM); - if (ayiya_socket == -1) + if (!ayiya_socket) { - ayiya_log(LOG_ERR, NULL, 0, "Connection error:: could not create connection to AYIYA server\n"); + ayiya_log(LOG_ERR, "start", NULL, 0, "Connection error:: could not create connection to AYIYA server\n"); return false; } /* Let AICCU configure the thing */ - aiccu_setup(hTunnel, false); + if (!aiccu_setup(hTunnel, false)) + { + return false; + } /* Show that we have started */ - ayiya_log(LOG_INFO, NULL, 0, "Anything in Anything (%s)\n", AYIYA_VERSION); + ayiya_log(LOG_INFO, "start", NULL, 0, "Anything in Anything (%s)\n", AYIYA_VERSION); /* Launch a thread for reader */ #ifndef _WIN32 - pthread_create(&thread, NULL, ayiya_reader, NULL); + pthread_create(&thread, NULL, ayiya_writer, (void *)hTunnel); #else - h = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ayiya_reader, NULL, 0, &pID); + h = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ayiya_writer, hTunnel, 0, &pID); #endif - /* The writer takes over this thread and thus keeps running */ - ayiya_writer(NULL); - return false; + return true; } diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/ayiya.h /tmp/0dDlfsosXk/aiccu-20070115/common/ayiya.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/ayiya.h 2005-01-11 13:16:09.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/ayiya.h 2006-07-18 23:24:30.000000000 +0200 @@ -6,8 +6,8 @@ common/ayiya.c - AYIYA - Anything In Anything *********************************************************** $Author: jeroen $ - $Id: ayiya.h,v 1.5 2005/01/11 12:16:09 jeroen Exp $ - $Date: 2005/01/11 12:16:09 $ + $Id: ayiya.h,v 1.10 2006-07-13 19:33:39 jeroen Exp $ + $Date: 2006-07-13 19:33:39 $ **********************************************************/ #ifndef AYIYA_H 
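Review bot: The new early return after a failed `aiccu_setup()` leaves `ayiya_socket` allocated and connected, and the result of `pthread_create()` / `CreateThread()` is still ignored, so `ayiya()` now returns `true` even when no writer thread was started. Release the socket on the failure path (`sock_free(ayiya_socket); ayiya_socket = NULL;` before `return false;`) and fail when the thread cannot be created, e.g. `if (pthread_create(&thread, NULL, ayiya_writer, (void *)hTunnel) != 0) return false;`. The body of ayiya() starts before this hunk, so whether the device opened by `tun_start()` also needs tearing down on these paths cannot be judged from here.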
@@ -17,8 +17,8 @@ #include "tic.h" /* Anything In Anything - AYIYA (uses UDP in our case) */ -/* The port number spells BETA as there is no IANA assigned port. */ -#define AYIYA_PORT "8374" +#define AYIYA_PORT "5072" +/*#define AYIYA_PORT "8374"*/ /* * AYIYA version (which document this should conform to) @@ -37,7 +37,8 @@ { ayiya_hash_none = 0x0, /* No hash */ ayiya_hash_md5 = 0x1, /* MD5 Signature */ - ayiya_hash_sha1 = 0x2 /* SHA1 Signature */ + ayiya_hash_sha1 = 0x2, /* SHA1 Signature */ + ayiya_hash_umac = 0x3 /* UMAC Signature (UMAC: Message Authentication Code using Universal Hashing / draft-krovetz-umac-04.txt */ }; enum ayiya_auth 
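Review bot: The default AYIYA port changes from 8374 to 5072 here, yet the only explanation the header had (the comment that the old number was chosen because none was assigned) is deleted and the old value is left as a commented-out `#define`. Replace the dead line with a comment that says why 5072 is used and that filter rules written for UDP 8374 no longer match, for example `/* AYIYA UDP port; replaces the provisional 8374 */`. A change of default port alters what egress filtering has to allow, so it also deserves a line in the release notes.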
@@ -62,28 +63,30 @@ struct ayiyahdr { #if BYTE_ORDER == BIG_ENDIAN - u_int32_t ayh_idlen: 4; /* Identity Length */ - u_int32_t ayh_idtype: 4; /* Identity Type */ - u_int32_t ayh_siglen: 4; /* Signature Length */ - u_int32_t ayh_hshmeth:4; /* Hashing Method */ - u_int32_t ayh_autmeth:4; /* Authentication Method */ - u_int32_t ayh_opcode: 4; /* Operation Code */ + uint32_t ayh_idlen: 4; /* Identity Length */ + uint32_t ayh_idtype: 4; /* Identity Type */ + uint32_t ayh_siglen: 4; /* Signature Length */ + uint32_t ayh_hshmeth:4; /* Hashing Method */ + uint32_t ayh_autmeth:4; /* Authentication Method */ + uint32_t ayh_opcode: 4; /* Operation Code */ + uint32_t ayh_nextheader:8; /* Next Header (PROTO_*) */ #elif BYTE_ORDER == LITTLE_ENDIAN - u_int32_t ayh_idtype: 4; /* Identity Type */ - u_int32_t ayh_idlen: 4; /* Identity Length */ - u_int32_t ayh_hshmeth:4; /* Hashing Method */ - u_int32_t ayh_siglen: 4; /* Signature Length */ - u_int32_t ayh_opcode: 4; /* Operation Code */ - u_int32_t ayh_autmeth:4; /* Authentication Method */ + uint32_t ayh_idtype: 4; /* Identity Type */ + uint32_t ayh_idlen: 4; /* Identity Length */ + uint32_t ayh_hshmeth:4; /* Hashing Method */ + uint32_t ayh_siglen: 4; /* Signature Length */ + uint32_t ayh_opcode: 4; /* Operation Code */ + uint32_t ayh_autmeth:4; /* Authentication Method */ + uint32_t ayh_nextheader:8; /* Next Header (PROTO_*) */ #else #error unsupported endianness! 
#endif - u_int8_t ayh_nextheader; /* Next Header (PROTO_*) */ - u_int32_t ayh_epochtime; /* Time in seconds since "00:00:00 1970-01-01 UTC" */ + uint32_t ayh_epochtime; /* Time in seconds since "00:00:00 1970-01-01 UTC" */ }; /* Functions */ bool ayiya(struct TIC_Tunnel *hTunnel); +void ayiya_beat(void); #endif /* AYIYA_H */ diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/common.c /tmp/0dDlfsosXk/aiccu-20070115/common/common.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/common.c 2005-01-31 20:17:59.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/common.c 2006-12-21 15:08:50.000000000 +0100 @@ -6,8 +6,8 @@ common/common.c - Common Functions *********************************************************** $Author: jeroen $ - $Id: common.c,v 1.5 2005/01/31 19:17:59 jeroen Exp $ - $Date: 2005/01/31 19:17:59 $ + $Id: common.c,v 1.14 2006-12-21 14:08:50 jeroen Exp $ + $Date: 2006-12-21 14:08:50 $ **********************************************************/ /* Dirty dependency for Windows:GUI version */ @@ -30,6 +30,9 @@ void dologA(int level, const char *fmt, va_list ap) { +#ifdef _WIN32 + char buf[1024]; +#endif /* Don't show noise */ if (g_aiccu && !g_aiccu->verbose && level == LOG_DEBUG) return; 
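Review bot: `struct ayiyahdr` appears to go onto the wire as raw bytes (the ayiya.c hunks send `&s` directly), but after this change its whole first word, including `ayh_nextheader`, depends on how the compiler allocates `uint32_t` bit-fields, which is implementation-defined. Add a compile-time size check next to the struct, for example `typedef char ayiyahdr_size_check[(sizeof(struct ayiyahdr) == 8) ? 1 : -1];`, where 8 is the size the field widths imply. A comment stating the expected wire size and that the layout relies on the `BYTE_ORDER` branches would help the next port to a new compiler.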
@@ -37,16 +40,34 @@ if (g_aiccu && g_aiccu->daemonize > 0) vsyslog(LOG_LOCAL7|level, fmt, ap); else { - vprintf(fmt, ap); - fflush(stdout); + vfprintf(stderr, fmt, ap); + fflush(stderr); } #else - char buf[1024]; - vsnprintf(buf,sizeof(buf),fmt,ap); + vsnprintf(buf, sizeof(buf), fmt, ap); #ifndef AICCU_CONSOLE + /* Use the debug facility */ OutputDebugString(buf); + /* Store it in a log file if we are running in verbose mode */ + if (g_aiccu && g_aiccu->verbose) + { + char logfile[1024]; + FILE *f; + + /* Figure out the "C:\Windows" location */ + /* as that is where we store our configuration */ + GetWindowsDirectory(logfile, sizeof(logfile)); + strncat(logfile, "\\aiccu.log", sizeof(logfile)); + f = fopen(logfile, "w+"); + if (f) + { + fwrite(buf, strlen(buf), 1, f); + fclose(f); + } + } + /* * Always store the last message * which can be displayed as errors etc. @@ -58,7 +79,7 @@ #else OutputDebugString("dolog() - "); OutputDebugString(buf); - printf("%s", buf); + fprintf(stderr, "%s", buf); #endif /* AICCU_CONSOLE */ #endif /* !_WIN32 */ } @@ -71,37 +92,6 @@ va_end(ap); } -#ifndef _WIN32 -int sigrunning(int sig) -{ - int pid; - - FILE *f = fopen(AICCU_PID, "r"); - if (!f) return 0; - fscanf(f, "%d", &pid); - fclose(f); - /* If we can HUP it, it still runs */ - return (kill(pid, sig) == 0 ? 1 : 0); -} - -void savepid() -{ - FILE *f = fopen(AICCU_PID, "w"); - if (!f) return; - fprintf(f, "%d", getpid()); - fclose(f); - - dolog(LOG_INFO, "Running as PID %d", getpid()); -} - -void cleanpid(int i) -{ - dolog(LOG_INFO, "Exiting on signal %d...", i); - unlink(AICCU_PID); - exit(0); -} -#endif /* _WIN32 */ - /* * Check if an address is RFC1918 based * This allows us to warn the user that they are behind a NAT 
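Review bot: `strncat(logfile, "\\aiccu.log", sizeof(logfile));` passes the full buffer size as the limit, but strncat's third argument is the maximum number of characters to append, so the call does not bound the write; the return value of `GetWindowsDirectory()` is unchecked as well. Limit the append to the space that is left, `strncat(logfile, "\\aiccu.log", sizeof(logfile) - strlen(logfile) - 1);`, after checking that the directory lookup succeeded. Opening with `"w+"` truncates the file on every call, so the log only ever holds the last message; `f = fopen(logfile, "a");` looks like the intent. The comment should also say that writing into the Windows directory needs elevated rights, since the write silently does nothing otherwise.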
@@ -125,22 +115,34 @@ return ret; } -void sock_printf(SOCKET sock, const char *fmt, ...) +void sock_printf(TLSSOCKET sock, const char *fmt, ...) { char buf[2048]; - unsigned int len = 0; + unsigned int len = 0, done = 0; + int ret; va_list ap; va_start(ap, fmt); /* When not a socket send it to the logs */ - if (sock == -1) dologA(LOG_INFO, fmt, ap); + if (sock == NULL || sock->socket == -1) dologA(LOG_INFO, fmt, ap); else { /* Format the string */ len = vsnprintf(buf, sizeof(buf), fmt, ap); /* Send the line(s) over the network */ - send(sock, buf, len, 0); + + while (done < len) + { +#ifdef AICCU_GNUTLS + if (sock->tls_active) ret = gnutls_record_send(sock->session, &buf[done], len-done); + else +#endif + ret = send(sock->socket, &buf[done], len-done, 0); + + if (ret > 0) done+=ret; + else break; + } /* Show this as debug output */ if (g_aiccu->verbose) @@ -162,12 +164,14 @@ * Note: uses internal caching, this should be the only function * used to read from the sock! The internal cache is rbuf. */ -int sock_getline(SOCKET sock, char *rbuf, unsigned int rbuflen, unsigned int *filled, char *ubuf, unsigned int ubuflen) +int sock_getline(TLSSOCKET sock, char *rbuf, unsigned int rbuflen, unsigned int *filled, char *ubuf, unsigned int ubuflen) { unsigned int i; + if (!sock) return -1; + /* A closed socket? -> clear the buffer */ - if (sock == -1) + if (sock->socket == -1) { memset(rbuf, 0, rbuflen); *filled = 0; @@ -234,7 +238,11 @@ E(dolog(LOG_DEBUG, "gl() - Trying to receive (max=%d)...\n", rbuflen-*filled-10);) /* Fill the rest of the buffer */ - i = recv(sock, &rbuf[*filled], rbuflen-*filled-10, 0); +#ifdef AICCU_GNUTLS + if (sock->tls_active) i = gnutls_record_recv(sock->session, &rbuf[*filled], rbuflen-*filled-10); + else +#endif + i = recv(sock->socket, &rbuf[*filled], rbuflen-*filled-10, 0); E(dolog(LOG_DEBUG, "gl() - Received %d\n", i);) 
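Review bot: In sock_printf() the new send loop trusts `len` from `vsnprintf()`, which is the length the output would have had and not the number of bytes stored in `buf`; a formatted line longer than 2048 bytes makes the loop send stack memory beyond `buf` to the peer. A negative return is possible too (common.h maps `vsnprintf` to `_vsnprintf` on Windows, which returns -1 on truncation) and becomes a huge unsigned length. Clamp before the loop: `ret = vsnprintf(buf, sizeof(buf), fmt, ap);`, `len = (ret < 0) ? 0 : (unsigned int)ret;`, `if (len >= sizeof(buf)) len = sizeof(buf) - 1;`. The function continues past the hunk, so the later debug output of `buf` should be checked against the same clamped length.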
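Review bot: The value returned by `gnutls_record_recv()` or `recv()` is stored in `i`, which the preceding hunk shows is declared `unsigned int`, so an error return of -1 or a negative GnuTLS error code turns into a very large count. The check that follows lies outside this hunk; if it tests `i <= 0` it misses every error and `*filled` can be advanced far past `rbuflen`. Receive into a signed variable instead, e.g. `int r = recv(sock->socket, &rbuf[*filled], rbuflen-*filled-10, 0);` followed by `if (r <= 0) return -1;`, and confirm that `rbuflen-*filled-10` cannot wrap when the buffer is nearly full.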
@@ -259,11 +267,86 @@ return -1; } +TLSSOCKET sock_alloc(void); +TLSSOCKET sock_alloc(void) +{ +#ifdef AICCU_GNUTLS + /* Allow connections to servers that have OpenPGP keys as well */ + const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 }; + int ret; +#endif /* AICCU_GNUTLS*/ + + TLSSOCKET sock; + + sock = (TLSSOCKET)malloc(sizeof(*sock)); + if (!sock) return NULL; + + sock->socket = -1; + +#ifdef AICCU_GNUTLS + /* TLS is not active yet (use sock_gotls() for that) */ + sock->tls_active = false; + + /* Initialize TLS session */ + ret = gnutls_init(&sock->session, GNUTLS_CLIENT); + if (ret != 0) + { + dolog(LOG_ERR, "TLS Init failed: %s (%d)\n", gnutls_strerror(ret), ret); + free(sock); + return NULL; + } + + /* Use default priorities */ + gnutls_set_default_priority(sock->session); + /* XXX: Return value is not documented in GNUTLS documentation! */ + + gnutls_certificate_type_set_priority(sock->session, cert_type_priority); + /* XXX: Return value is not documented in GNUTLS documentation! */ + + /* Configure the x509 credentials for the current session */ + gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred); + /* XXX: Return value is not documented in GNUTLS documentation! 
*/ + +#endif /* AICCU_GNUTLS*/ + + return sock; +} + +void sock_free(TLSSOCKET sock) +{ + if (!sock) return; + +#ifdef AICCU_GNUTLS + if (sock->tls_active) + { + sock->tls_active = false; + gnutls_bye(sock->session, GNUTLS_SHUT_RDWR); + } +#endif /* AICCU_GNUTLS*/ + + if (sock->socket >= 0) + { + /* Stop communications */ + shutdown(sock->socket, SHUT_RDWR); + closesocket(sock->socket); + sock->socket = -1; + } + +#ifdef AICCU_GNUTLS + gnutls_deinit(sock->session); +#endif /* AICCU_GNUTLS*/ + + free(sock); +} + /* Connect this client to a server */ -SOCKET connect_client(const char *hostname, const char *service, int family, int socktype) +TLSSOCKET connect_client(const char *hostname, const char *service, int family, int socktype) { - SOCKET sock = -1; + TLSSOCKET sock; struct addrinfo hints, *res, *ressave; + + sock = sock_alloc(); + if (!sock) return NULL; memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = family; 
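Review bot: sock_alloc() ignores the results of `gnutls_set_default_priority()`, `gnutls_certificate_type_set_priority()` and `gnutls_credentials_set()`, so a session whose credentials were never attached is returned as if it were usable. These calls return an error code, and the XXX comments should be replaced by checks that free the session and the structure on failure, as the `gnutls_init()` branch already does. Listing `GNUTLS_CRT_OPENPGP` widens the set of server certificates the client accepts, so the comment should say which servers need it. connect_client() begins at the end of this hunk and continues in the next one.

```c
	/* ... unchanged: malloc, socket = -1, gnutls_init() ... */

	/* Use default priorities and attach the credentials; fail closed */
	ret = gnutls_set_default_priority(sock->session);
	if (ret == 0) ret = gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, g_aiccu->tls_cred);
	if (ret != 0)
	{
		dolog(LOG_ERR, "TLS setup failed: %s (%d)\n", gnutls_strerror(ret), ret);
		gnutls_deinit(sock->session);
		free(sock);
		return NULL;
	}
```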
@@ -272,31 +355,38 @@ if (getaddrinfo(hostname, service, &hints, &res) != 0) { dolog(LOG_ERR, "Couldn't resolve host %s, service %s\n", hostname, service); - return -1; + sock_free(sock); + return NULL; } ressave = res; while (res) { - sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (sock == -1) continue; - if (connect(sock, res->ai_addr, (unsigned int)res->ai_addrlen) == 0) break; - closesocket(sock); - sock = -1; + sock->socket = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (sock->socket == -1) continue; + if (connect(sock->socket, res->ai_addr, (unsigned int)res->ai_addrlen) == 0) break; + closesocket(sock->socket); + sock->socket = -1; res = res->ai_next; } freeaddrinfo(ressave); + if (sock->socket == -1) + { + sock_free(sock); + sock = NULL; + } + return sock; } -SOCKET listen_server(const char *description, const char *hostname, const char *service, int family, int socktype) +TLSSOCKET listen_server(const char *description, const char *hostname, const char *service, int family, int socktype) { struct addrinfo hints, *res, *ressave; int n; - SOCKET sock; + TLSSOCKET sock; socklen_t on = 1; /* D(dolog(LOG_DEBUG, "[%s] Trying to get socket for [%s]:%s over %s (%d) using %s (%d)\n", @@ -306,6 +396,9 @@ socktype == IPPROTO_UDP ? "UDP" : (socktype == IPPROTO_TCP ? "TCP" : "??"), socktype);) */ + sock = sock_alloc(); + if (!sock) return NULL; + memset(&hints, 0, sizeof(struct addrinfo)); /* AI_PASSIVE flag: the resulting address is used to bind 
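Review bot: In connect_client() the line `if (sock->socket == -1) continue;` jumps back to `while (res)` without advancing `res`, so a failing `socket()` call makes the loop spin forever on the same address entry. Advance before continuing: `if (sock->socket == -1) { res = res->ai_next; continue; }`. The rewrite keeps this behaviour from the old code, so it is a good moment to fix it; listen_server() in the next hunk already avoids the problem by advancing unconditionally at the end of the loop body.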
@@ -322,42 +415,82 @@ if (n < 0) { dolog(LOG_ERR, "[%s] listen_server setup: getaddrinfo error: %s\n", description, gai_strerror(n)); - return -1; + sock_free(sock); + return NULL; } ressave=res; /* Try to open socket with each address getaddrinfo returned, until we get one valid listening socket. */ - sock = -1; while (res) { - sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol); - if (!(sock < 0)) + sock->socket = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (!(sock->socket < 0)) { - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (const char *)&on, sizeof(on)); - if (bind(sock, res->ai_addr, (unsigned int)res->ai_addrlen) == 0) break; - closesocket(sock); - sock = -1; + setsockopt(sock->socket, SOL_SOCKET, SO_REUSEADDR, (const char *)&on, sizeof(on)); + if (bind(sock->socket, res->ai_addr, (unsigned int)res->ai_addrlen) == 0) break; + closesocket(sock->socket); + sock->socket = -1; } res = res->ai_next; } - if (sock < 0) + freeaddrinfo(ressave); + + if (sock->socket < 0) { - freeaddrinfo(ressave); dolog(LOG_ERR, "[%s] listen setup: socket error: could not open socket\n", description); - return -1; + sock_free(sock); + return NULL; } - listen(sock, LISTEN_QUEUE); + if (listen(sock->socket, LISTEN_QUEUE) == -1) + { + dolog(LOG_ERR, "[%s] listen setup: socket error: could not listen on socket\n", description); + sock_free(sock); + return NULL; + } dolog(LOG_INFO, "[%s] Listening on [%s]:%s\n", description, hostname, service); - freeaddrinfo(ressave); return sock; } +/* + * Put a socket into TLS mode + */ +#ifdef AICCU_GNUTLS +bool sock_gotls(TLSSOCKET sock) +{ + int ret = 0; + + if (!sock) return false; + + if (sock->tls_active) + { + dolog(LOG_ERR, "Can't go into TLS mode twice!?\n"); + return false; + } + + /* Set the transport */ + gnutls_transport_set_ptr(sock->session, (gnutls_transport_ptr)sock->socket); + + /* Perform the TLS handshake */ + ret = gnutls_handshake(sock->session); + if (ret < 0) + { + dolog(LOG_ERR, "TLS Handshake 
failed: %s (%d)\n", gnutls_strerror(ret), ret); + return false; + } + + dolog(LOG_DEBUG, "TLS Handshake completed succesfully\n"); + + sock->tls_active = true; + return true; +} +#endif + /* Count the number of fields in */ unsigned int countfields(char *s) { @@ -472,7 +605,7 @@ break; case PLRT_INTEGER: - *((unsigned int *)store) = atoi(val); + *((uint32_t *)store) = atoi(val); break; case PLRT_BOOL: @@ -512,7 +645,7 @@ * MD5 a string * sSignature's size MUST be 32 bytes! */ -void MD5String(char *sString, char *sSignature, unsigned int siglen) +void MD5String(const char *sString, char *sSignature, unsigned int siglen) { struct MD5Context md5c; unsigned char signature[16]; @@ -534,6 +667,16 @@ } } +#ifdef _AIX +/* AIX doesn't have vsyslog() thus we implement it here */ +void vsyslog(int priority, const char *format, va_list ap) +{ + char buf[1024]; + vsnprintf(buf, sizeof(buf), format, ap); + syslog(priority, buf); +} +#endif + #ifdef _WIN32 const char *inet_ntop(int af, const void *src, char *dst, socklen_t cnt) { @@ -575,8 +718,18 @@ while (res) { - memcpy(dst, res->ai_addr, res->ai_addrlen); - res = res->ai_next; + /* Check if AF is correct */ + if (res->ai_family != af) + { + res = res->ai_next; + continue; + } + + /* This is the one we want */ + memcpy(dst, res->ai_addr, af == AF_INET6 ? sizeof(struct in_addr6) : sizeof(struct in_addr)); + + /* We only need one */ + break; } freeaddrinfo(ressave); diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/common.h /tmp/0dDlfsosXk/aiccu-20070115/common/common.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/common.h 2005-01-31 21:32:50.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/common.h 2007-01-11 15:50:51.000000000 +0100 
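Review bot: sock_gotls() sets `tls_active = true` as soon as `gnutls_handshake()` succeeds, but nothing in this hunk verifies the peer certificate, and a successful GnuTLS handshake does not by itself reject an untrusted or mismatched certificate. Unless the caller performs the check (not visible here), the TLS layer provides encryption without server authentication, which leaves the login exchange open to an on-path attacker. Verify the chain after the handshake, and compare the certificate with the expected host name, before marking the session active.

```c
	unsigned int status = 0;

	/* ... unchanged: transport setup and gnutls_handshake() ... */

	/* Reject the session unless the peer's certificate chain verifies */
	ret = gnutls_certificate_verify_peers2(sock->session, &status);
	if (ret < 0 || status != 0)
	{
		dolog(LOG_ERR, "TLS peer certificate verification failed (%d, status 0x%x)\n", ret, status);
		return false;
	}

	/* ... unchanged: debug log, tls_active = true ... */
```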
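Review bot: The AIX replacement for `vsyslog()` passes the already formatted text as the format argument, `syslog(priority, buf);`, so any `%` sequence that reached `buf` through a `%s` argument (host names, server replies) is interpreted a second time by syslog. Change the call to `syslog(priority, "%s", buf);`. A one-line comment that `buf` holds untrusted text would keep the next edit from undoing this.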
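Review bot: The new `memcpy(dst, res->ai_addr, ...)` fixes the length but still copies from the start of the socket address structure, which begins with the family and port fields, so `dst` does not receive the address itself. Copy from the address member instead: `&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr` for AF_INET6 and `&((struct sockaddr_in *)res->ai_addr)->sin_addr` for AF_INET. The enclosing inet_pton() starts and ends outside the hunk, so what it returns when no entry matches `af` should be checked there too.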
@@ -6,8 +6,8 @@ common/common.h - Common Definitions *********************************************************** $Author: jeroen $ - $Id: common.h,v 1.6 2005/01/31 20:32:50 jeroen Exp $ - $Date: 2005/01/31 20:32:50 $ + $Id: common.h,v 1.23 2007-01-11 14:50:51 jeroen Exp $ + $Date: 2007-01-11 14:50:51 $ **********************************************************/ #ifndef AICCU_COMMON_H @@ -19,11 +19,27 @@ #define D(x) {} #endif -#ifndef __OpenBSD__ +#ifndef _OPENBSD +#ifndef _SUNOS +#ifndef _AIX +#ifndef _XOPEN_SOURCE #define _XOPEN_SOURCE #endif +#endif +#endif +#endif #define __STRICT_ANSI__ +/* Don't deprecate strncat etc. */ +#ifdef _WIN32 +#define _CRT_SECURE_NO_DEPRECATE +#endif + +#ifdef _AIX +#define _H_ARPA_ONAMESER_COMPAT "AICCU workaround" +#include +#endif + #include #include #include @@ -32,11 +48,23 @@ #include #include #include - #include #include #include +#if defined(_SUNOS) || defined(_AIX) || defined(_DARWIN) +/* Include this as it knows quite a bit about endianess */ +#include +#else +#ifndef _WIN32 +#if defined(_OPENBSD) || defined(_DFBSD) || defined(_FREEBSD) || defined(_NETBSD) +#include +#else +#include +#endif +#endif +#endif + /* For MD5 routines */ #define __USE_BSD 1 #include @@ -48,6 +76,10 @@ #include #endif +#ifdef _DARWIN +#define _BSD_SOCKLEN_T_ +#endif + #include #include #include @@ -63,6 +95,29 @@ #ifdef linux #include #include +#else +#ifdef _DFBSD + #include +#else +#ifdef _DARWIN + /* + * Darwin doesn't have TUN/TAP support per default + * It is available from http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ + * which is a port made by Mattias Nissler + * for compiling convienience we have included the ioctl's here + */ + #define TUNSIFHEAD _IOW('t', 96, int) + #define TUNGIFHEAD _IOR('t', 97, int) +#else +#ifndef _AIX + #include +/* endif for !_AIX */ +#endif +/* endif for _DARWIN else */ +#endif +/* endif for _DFBSD else */ +#endif +/* endif for linux else */ #endif #include #include 
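Review bot: Defining `_CRT_SECURE_NO_DEPRECATE` switches off the MSVC warnings for unbounded string functions across every file that includes common.h, with only the comment "Don't deprecate strncat etc." as justification. The `strncat` call this same diff adds to dologA() passes the wrong size, which is exactly what the warning is meant to surface. Prefer fixing the individual calls, or at least extend the comment to list which calls were reviewed and why they are bounded.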
@@ -72,6 +127,10 @@ #include #include +#if defined(_OPENBSD) || defined(_DARWIN) || defined(_FREEBSD) || defined(_DFBSD) + #include +#endif + #include /* @@ -91,18 +150,23 @@ * this between a #ifdef _KERNEL... * Probably against people doing stuff in userspace? */ - #ifndef s6_addr16 - #define s6_addr16 __u6_addr.__u6_addr16 + #ifndef s6_addr + #ifndef _SUNOS + #define s6_addr __u6_addr.__u6_addr8 + #else + #define s6_addr _S6_un._S6_u8 + #endif #endif #else - /* Windows Specifics */ - #include /* Winsock */ #include #include - /* + /* Windows Specifics */ + #include + +/* * Some weird M$ person thought it was * funny to underscore common functions !? */ @@ -110,6 +174,7 @@ #define vsnprintf _vsnprintf #define strcasecmp _stricmp #define strncasecmp _strnicmp + #define strdup _strdup /* * Capitalize this one @@ -123,14 +188,12 @@ #define LOG_WARNING 3 #define LOG_INFO 4 - #ifdef __alpha - typedef unsigned int u_int32_t; - #else typedef unsigned long u_int32_t; - #endif + typedef unsigned long long u_int64_t; typedef unsigned char u_int8_t; typedef unsigned __int16 u_int16_t; + typedef unsigned __int64 u_int64_t; /* Not available in the Winsock2 includes */ #define IPPROTO_NONE 59 /* IPv6 no next header */ 
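Review bot: `u_int64_t` is now declared twice in the Windows branch, once as `unsigned long long` and once as `unsigned __int64`. Repeating a typedef is an error before C11 and only tolerated afterwards when both name the same type, so the header depends on the compiler treating the two spellings as identical. Keep a single declaration, e.g. drop the `typedef unsigned long long u_int64_t;` line.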
@@ -142,18 +205,83 @@ #define __LITTLE_ENDIAN LITTLE_ENDIAN /* Fix byte order */ - #ifdef __alpha - #define __BYTE_ORDER __BIG_ENDIAN - #define BYTE_ORDER BIG_ENDIAN - #else #define __BYTE_ORDER __LITTLE_ENDIAN #define BYTE_ORDER LITTLE_ENDIAN - #endif + + #define s6_addr16 _S6_un.Word + #define SHUT_RDWR SD_BOTH + #define uint8_t u_int8_t + #define uint16_t u_int16_t + #define uint32_t u_int32_t + #define uint64_t u_int64_t + + struct ether + { + uint16_t ether_dhost[3]; + uint16_t ether_shost[3]; + uint16_t ether_type; + }; + + /* The IPv6 Header */ + struct ip6_hdr + { + union + { + struct ip6_hdrctl + { + uint32_t ip6_un1_flow; /* 4 bits version, 8 bits TC, 20 bits flow-ID */ + uint16_t ip6_un1_plen; /* payload length */ + uint8_t ip6_un1_nxt; /* next header */ + uint8_t ip6_un1_hlim; /* hop limit */ + } ip6_un1; + uint8_t ip6_un2_vfc; /* 4 bits version, top 4 bits tclass */ + } ip6_ctlun; + struct in6_addr ip6_src; /* source address */ + struct in6_addr ip6_dst; /* destination address */ + }; + + /* ICMPv6 */ + struct icmp6_hdr + { + uint8_t icmp6_type; /* type field */ + uint8_t icmp6_code; /* code field */ + uint16_t icmp6_cksum; /* checksum field */ + union + { + uint32_t icmp6_un_data32[1]; /* type-specific field */ + uint16_t icmp6_un_data16[2]; /* type-specific field */ + uint8_t icmp6_un_data8[4]; /* type-specific field */ + } icmp6_dataun; + }; + + #define ND_NEIGHBOR_SOLICIT 135 + #define ND_NEIGHBOR_ADVERT 136 + + struct nd_neighbor_solicit + { + struct in6_addr nd_ns_target; /* target address */ + /* could be followed by options */ + }; + + struct nd_neighbor_advert + { + struct in6_addr nd_na_target; /* target address */ + /* could be followed by options */ + uint8_t nd_no_type; /* Option providing the target MAC address */ + uint8_t nd_no_len; /* Length (1) */ + uint8_t nd_no_mac[6]; /* MAC address */ + + }; const char *inet_ntop(int af, const void *src, char *dst, socklen_t cnt); int inet_pton(int af, const char *src, void *dst); #endif /* WIN32 
*/ + +#ifndef MSG_NOSIGNAL +#define MSG_NOSIGNAL 0 +#endif + #ifndef LITTLE_ENDIAN #define LITTLE_ENDIAN __LITTLE_ENDIAN #endif @@ -169,7 +297,7 @@ /* Boolean support */ #ifndef bool -#define bool int +#define bool uint32_t #endif #ifndef false #define false 0 @@ -186,6 +314,49 @@ #include "hash_md5.h" #include "hash_sha1.h" +/* Resolver includes */ +#ifndef _WIN32 +#include +#include +#include +#include +#endif + +#ifdef AICCU_GNUTLS +#include +#endif + +#ifndef NS_GET16SZ +#define NS_INT32SZ 4 /* #/bytes of data in a u_int32_t */ +#endif + +#ifndef NS_GET32SZ +#define NS_INT16SZ 2 /* #/bytes of data in a u_int16_t */ +#endif + + +#ifndef NS_GET16 +#define NS_GET16(s, cp) do { \ + register u_char *t_cp = (u_char *)(cp); \ + (s) = ((u_int16_t)t_cp[0] << 8) \ + | ((u_int16_t)t_cp[1]) \ + ; \ + (cp) += NS_INT16SZ; \ +} while (0) +#endif + +#ifndef NS_GET32 +#define NS_GET32(l, cp) do { \ + register u_char *t_cp = (u_char *)(cp); \ + (l) = ((u_int32_t)t_cp[0] << 24) \ + | ((u_int32_t)t_cp[1] << 16) \ + | ((u_int32_t)t_cp[2] << 8) \ + | ((u_int32_t)t_cp[3]) \ + ; \ + (cp) += NS_INT32SZ; \ +} while (0) +#endif + /* parseline() rules */ enum pl_ruletype { 
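Review bot: The guards around the new size constants test names that nothing defines: `#ifndef NS_GET16SZ` wraps `NS_INT32SZ` and `#ifndef NS_GET32SZ` wraps `NS_INT16SZ`, so both constants are always redefined whatever the resolver headers provide. Guard each constant by its own name, `#ifndef NS_INT16SZ` and `#ifndef NS_INT32SZ`. The fallback `NS_GET16` / `NS_GET32` macros read 2 or 4 bytes and advance `cp` without any bounds check, so add a comment that callers parsing DNS answers must confirm the bytes lie before the end of the reply first.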
@@ -200,25 +371,39 @@ struct pl_rule { const char *title; - enum pl_ruletype type; + unsigned int type; unsigned int offset; }; + +struct tlssocket +{ + SOCKET socket; +#ifdef AICCU_GNUTLS + bool tls_active; /* TLS active? */ + gnutls_session session; /* The GnuTLS sesision */ +#endif +}; + +typedef struct tlssocket * TLSSOCKET; + /* Common Functions */ void dologA(int level, const char *fmt, va_list ap); void dolog(int level, const char *fmt, ...); -#ifndef _WIN32 -int sigrunning(int sig); -void savepid(void); -void cleanpid(int i); +#ifdef _AIX +void vsyslog(int priority, const char *format, va_list ap); #endif /* Networking functions */ -void sock_printf(SOCKET sock, const char *fmt, ...); -int sock_getline(SOCKET sock, char *rbuf, unsigned int rbuflen, unsigned int *filled, char *ubuf, unsigned int ubuflen); -SOCKET connect_client(const char *hostname, const char *service, int family, int socktype); -SOCKET listen_server(const char *description, const char *hostname, const char *service, int family, int socktype); +void sock_printf(TLSSOCKET sock, const char *fmt, ...); +int sock_getline(TLSSOCKET sock, char *rbuf, unsigned int rbuflen, unsigned int *filled, char *ubuf, unsigned int ubuflen); +TLSSOCKET connect_client(const char *hostname, const char *service, int family, int socktype); +TLSSOCKET listen_server(const char *description, const char *hostname, const char *service, int family, int socktype); +void sock_free(TLSSOCKET sock); +#ifdef AICCU_GNUTLS +bool sock_gotls(TLSSOCKET sock); +#endif /* Parsing functions */ unsigned int countfields(char *s); 
@@ -226,7 +411,7 @@ bool parseline(char *line, const char *split, struct pl_rule *rules, void *data); /* Convienience */ -void MD5String(char *sString, char *sSignature, unsigned int siglen); +void MD5String(const char *sString, char *sSignature, unsigned int siglen); bool is_rfc1918(char *ipv4); #endif /* AICCU_COMMON_H */ diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_md5.c /tmp/0dDlfsosXk/aiccu-20070115/common/hash_md5.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_md5.c 2004-09-01 11:58:18.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/hash_md5.c 2006-12-21 14:47:46.000000000 +0100 @@ -27,8 +27,8 @@ #include /* for stupid systems */ #ifdef WORDS_BIGENDIAN -void -byteSwap(UWORD32 *buf, unsigned words) +void byteSwap(UWORD32 *buf, unsigned words); +void byteSwap(UWORD32 *buf, unsigned words) { md5byte *p = (md5byte *)buf; diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_md5.h /tmp/0dDlfsosXk/aiccu-20070115/common/hash_md5.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_md5.h 2004-09-01 11:58:18.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/hash_md5.h 2006-12-21 14:45:17.000000000 +0100 @@ -26,15 +26,19 @@ #include "common.h" #ifdef _WIN32 -#ifdef __alpha -typedef unsigned int uint32; -#else typedef unsigned long uint32; #define UWORD32 uint32 -#endif + +#else /* _WIN32 */ + +#ifdef _SUNOS +typedef unsigned int uint32; +#define UWORD32 uint32 #else #define UWORD32 u_int32_t -#endif +#endif /* _SUNOS */ + +#endif /* _WIN32 */ /* Determine Endianness */ #if BYTE_ORDER == LITTLE_ENDIAN diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_sha1.c /tmp/0dDlfsosXk/aiccu-20070115/common/hash_sha1.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_sha1.c 2004-09-09 10:12:36.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/hash_sha1.c 2006-07-23 18:26:16.000000000 +0200 
@@ -42,12 +42,12 @@ #define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ ^block->l[(i+2)&15]^block->l[i&15],1)) -/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ -#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); -#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); -#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); -#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); -#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); +/* (SHA_R0+SHA_R1), SHA_R2, SHA_R3, SHA_R4 are the different operations used in SHA1 */ +#define SHA_R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); +#define SHA_R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); +#define SHA_R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); +#define SHA_R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); +#define SHA_R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); typedef union _BYTE64QUAD16 { sha1_byte c[64]; @@ -55,7 +55,9 @@ } BYTE64QUAD16; /* Hash a single 512-bit block. This is the core of the algorithm. */ -void SHA1_Transform(sha1_quadbyte state[5], const sha1_byte buffer[64]) { +void SHA1_Transform(sha1_quadbyte state[5], const sha1_byte buffer[64]); +void SHA1_Transform(sha1_quadbyte state[5], const sha1_byte buffer[64]) +{ sha1_quadbyte a, b, c, d, e; BYTE64QUAD16 *block; 
@@ -67,26 +69,26 @@ d = state[3]; e = state[4]; /* 4 rounds of 20 operations each. Loop unrolled. */ - R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); - R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); - R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); - R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); - R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); - R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); - R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); - R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); - R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); - R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); - R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); - R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); - R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); - R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); - R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); - R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); - R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); - R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); - R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); - R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); + SHA_R0(a,b,c,d,e, 0); SHA_R0(e,a,b,c,d, 1); SHA_R0(d,e,a,b,c, 2); SHA_R0(c,d,e,a,b, 3); + SHA_R0(b,c,d,e,a, 4); SHA_R0(a,b,c,d,e, 5); SHA_R0(e,a,b,c,d, 6); SHA_R0(d,e,a,b,c, 7); + SHA_R0(c,d,e,a,b, 8); SHA_R0(b,c,d,e,a, 9); SHA_R0(a,b,c,d,e,10); SHA_R0(e,a,b,c,d,11); + SHA_R0(d,e,a,b,c,12); SHA_R0(c,d,e,a,b,13); SHA_R0(b,c,d,e,a,14); SHA_R0(a,b,c,d,e,15); + SHA_R1(e,a,b,c,d,16); SHA_R1(d,e,a,b,c,17); 
SHA_R1(c,d,e,a,b,18); SHA_R1(b,c,d,e,a,19); + SHA_R2(a,b,c,d,e,20); SHA_R2(e,a,b,c,d,21); SHA_R2(d,e,a,b,c,22); SHA_R2(c,d,e,a,b,23); + SHA_R2(b,c,d,e,a,24); SHA_R2(a,b,c,d,e,25); SHA_R2(e,a,b,c,d,26); SHA_R2(d,e,a,b,c,27); + SHA_R2(c,d,e,a,b,28); SHA_R2(b,c,d,e,a,29); SHA_R2(a,b,c,d,e,30); SHA_R2(e,a,b,c,d,31); + SHA_R2(d,e,a,b,c,32); SHA_R2(c,d,e,a,b,33); SHA_R2(b,c,d,e,a,34); SHA_R2(a,b,c,d,e,35); + SHA_R2(e,a,b,c,d,36); SHA_R2(d,e,a,b,c,37); SHA_R2(c,d,e,a,b,38); SHA_R2(b,c,d,e,a,39); + SHA_R3(a,b,c,d,e,40); SHA_R3(e,a,b,c,d,41); SHA_R3(d,e,a,b,c,42); SHA_R3(c,d,e,a,b,43); + SHA_R3(b,c,d,e,a,44); SHA_R3(a,b,c,d,e,45); SHA_R3(e,a,b,c,d,46); SHA_R3(d,e,a,b,c,47); + SHA_R3(c,d,e,a,b,48); SHA_R3(b,c,d,e,a,49); SHA_R3(a,b,c,d,e,50); SHA_R3(e,a,b,c,d,51); + SHA_R3(d,e,a,b,c,52); SHA_R3(c,d,e,a,b,53); SHA_R3(b,c,d,e,a,54); SHA_R3(a,b,c,d,e,55); + SHA_R3(e,a,b,c,d,56); SHA_R3(d,e,a,b,c,57); SHA_R3(c,d,e,a,b,58); SHA_R3(b,c,d,e,a,59); + SHA_R4(a,b,c,d,e,60); SHA_R4(e,a,b,c,d,61); SHA_R4(d,e,a,b,c,62); SHA_R4(c,d,e,a,b,63); + SHA_R4(b,c,d,e,a,64); SHA_R4(a,b,c,d,e,65); SHA_R4(e,a,b,c,d,66); SHA_R4(d,e,a,b,c,67); + SHA_R4(c,d,e,a,b,68); SHA_R4(b,c,d,e,a,69); SHA_R4(a,b,c,d,e,70); SHA_R4(e,a,b,c,d,71); + SHA_R4(d,e,a,b,c,72); SHA_R4(c,d,e,a,b,73); SHA_R4(b,c,d,e,a,74); SHA_R4(a,b,c,d,e,75); + SHA_R4(e,a,b,c,d,76); SHA_R4(d,e,a,b,c,77); SHA_R4(c,d,e,a,b,78); SHA_R4(b,c,d,e,a,79); /* Add the working vars back into context.state[] */ state[0] += a; state[1] += b; diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_sha1.h /tmp/0dDlfsosXk/aiccu-20070115/common/hash_sha1.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/hash_sha1.h 2004-09-01 11:58:18.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/hash_sha1.h 2006-07-18 23:24:30.000000000 +0200 @@ -27,10 +27,6 @@ #ifndef __SHA1_H__ #define __SHA1_H__ -#ifdef __cplusplus -extern "C" { -#endif - #include "common.h" /* Define this if your machine is LITTLE_ENDIAN, otherwise #undef it: */ 
@@ -40,8 +36,8 @@ */ /* Make sure you define these types for your architecture: */ -typedef u_int32_t sha1_quadbyte; /* 4 byte type */ -typedef u_int8_t sha1_byte; /* single byte type */ +typedef uint32_t sha1_quadbyte; /* 4 byte type */ +typedef uint8_t sha1_byte; /* single byte type */ /* * Be sure to get the above definitions right. For instance, on my @@ -71,9 +67,5 @@ void SHA1_Final(); #endif -#ifdef __cplusplus -} -#endif - #endif diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/heartbeat.c /tmp/0dDlfsosXk/aiccu-20070115/common/heartbeat.c --- /tmp/h6kCLsMZDY/aiccu-20050131/common/heartbeat.c 2005-01-11 13:16:09.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/heartbeat.c 2006-12-21 15:08:50.000000000 +0100 @@ -6,8 +6,8 @@ common/heartbeat.c - Heartbeat Code *********************************************************** $Author: jeroen $ - $Id: heartbeat.c,v 1.5 2005/01/11 12:16:09 jeroen Exp $ - $Date: 2005/01/11 12:16:09 $ + $Id: heartbeat.c,v 1.9 2006-12-21 14:08:50 jeroen Exp $ + $Date: 2006-12-21 14:08:50 $ **********************************************************/ #include "heartbeat.h" @@ -31,12 +31,12 @@ /* Get a socket and determine the new IP address */ SOCKET heartbeat_socket( - int *address_changed, + uint32_t *address_changed, int bStaticTunnel, - char *sIPv4Interface, + const char *sIPv4Interface, char **sIPv4Local, - char *sIPv4POP, - char *sIPv4LocalResolve) + const char *sIPv4POP, + const char *sIPv4LocalResolve) { SOCKET sockfd; struct sockaddr sa; @@ -267,7 +267,7 @@ */ void heartbeat_beat(struct TIC_Tunnel *hTunnel) { - int address_changed = 0; + uint32_t address_changed = 0; SOCKET sockfd = -1; D(dolog(LOG_DEBUG, "heartbeat_beat() - Beating from %s\n", hTunnel->sIPv4_Local);) 
@@ -292,3 +292,4 @@
 sockfd = (SOCKET)-1;
 }
 }
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/heartbeat.h /tmp/0dDlfsosXk/aiccu-20070115/common/heartbeat.h
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/heartbeat.h 2005-01-11 13:16:09.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/heartbeat.h 2006-12-21 15:08:50.000000000 +0100
@@ -6,8 +6,8 @@
 common/heartbeat.h - Heartbeat Definitions
 ***********************************************************
 $Author: jeroen $
- $Id: heartbeat.h,v 1.3 2005/01/11 12:16:09 jeroen Exp $
- $Date: 2005/01/11 12:16:09 $
+ $Id: heartbeat.h,v 1.6 2006-12-21 14:08:50 jeroen Exp $
+ $Date: 2006-12-21 14:08:50 $
 **********************************************************/
 #ifndef HEARTBEAT_H
@@ -23,12 +23,12 @@
 #define HEARTBEAT_PORT "3740"
 SOCKET heartbeat_socket(
- int *address_changed,
- int bStaticTunnel,
- char *sIPv4Interface,
- char **sIPv4Local,
- char *sIPv4POP,
- char *sIPv4LocalResolve);
+ uint32_t *address_changed,
+ int bStaticTunnel,
+ const char *sIPv4Interface,
+ char **sIPv4Local,
+ const char *sIPv4POP,
+ const char *sIPv4LocalResolve);
 int heartbeat_send(SOCKET sockfd, char *sIPv4Local, char *sIPv6Local, char *sPassword, bool bBehindNAT);
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/resolver.c /tmp/0dDlfsosXk/aiccu-20070115/common/resolver.c
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/resolver.c 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/resolver.c 2006-07-23 16:55:14.000000000 +0200
@@ -0,0 +1,209 @@
+/**********************************************************
+ SixXS - Automatic IPv6 Connectivity Configuration Utility
+***********************************************************
+ Copyright 2003-2005 SixXS - http://www.sixxs.net
+***********************************************************
+ common/resolver.c - Simple DNS RR lookup function
+***********************************************************
+ $Author: jeroen $
+ $Id: resolver.c,v 1.3 2006-07-23 14:13:57 jeroen Exp $
+ $Date: 2006-07-23 14:13:57 $
+**********************************************************/
+
+#include
+#include
+#include
+#include
+
+#include "resolver.h"
+
+#ifndef _WIN32
+#include
+#include
+#include
+#include
+#include
+
+int getrrs(const char *label, int rrtype, void gotrec(unsigned int num, int type, const char *record))
+{
+#ifdef _LINUX
+ struct __res_state res;
+#endif
+ unsigned char answer[8192];
+ HEADER *header = (HEADER *)answer;
+ char buf[2048];
+ int ret, count;
+ unsigned int i,j,k,rrnum = 0;
+ unsigned char *startptr, *endptr, *ptr;
+ uint16_t type = 0, class = 0;
+ uint32_t ttl = 0;
+
+#ifdef _LINUX
+ memset(&res, 0, sizeof(res));
+ res.options = RES_DEBUG;
+ res_ninit(&res);
+#else
+ res_init();
+#endif
+
+ memset(answer, 0, sizeof(answer));
+#ifdef _LINUX
+ ret = res_nquery(&res, label, C_IN, rrtype, answer, sizeof(answer));
+#else
+ ret = res_query(label, C_IN, rrtype, answer, sizeof(answer));
+#endif
+ if (ret < 0) return -1;
+
+ /* Our start and end */
+ startptr = &answer[0];
+ endptr = &answer[ret];
+
+ /* Skip the header */
+ ptr = startptr + HFIXEDSZ;
+
+ /* Skip Query part */
+ for (count = ntohs(header->qdcount); count--; ptr += ret + QFIXEDSZ)
+ {
+ if ((ret = dn_skipname(ptr, endptr)) < 0) return -1;
+ }
+
+ /* Only look at the Answer section */
+ count = ntohs(header->ancount);
+
+ /* Go through all the Answer records */
+ while (ptr < endptr && count > 0)
+ {
+ rrnum++;
+
+ memset(buf, 0, sizeof(buf));
+ ret = dn_expand (startptr, endptr, ptr, buf, sizeof(buf));
+ if (ret < 0) break;
+ ptr += ret;
+
+ if (ptr + INT16SZ + INT16SZ + INT32SZ >= endptr) break;
+
+ /* Get the type */
+ NS_GET16(type, ptr);
+
+ /* Get the class */
+ NS_GET16(class, ptr);
+
+ /* Get the TTL */
+ NS_GET32(ttl, ptr);
+
+ /* Get the RDLength */
+ NS_GET16(ret, ptr);
+
+ memset(buf, 0, sizeof(buf));
+
+ switch (type)
+ {
+ case T_TXT:
+ for (k = ret, j = 0; j < k && &ptr[j] < endptr; j += (i+1))
+ {
+ i = ptr[j];
+ memcpy(buf, &ptr[j+1], i > sizeof(buf) ? sizeof(buf) : i);
+ buf[i > sizeof(buf) ? sizeof(buf) : i] = '\0';
+ if (rrtype == type || rrtype == T_ANY) gotrec(rrnum, type, buf);
+ }
+ break;
+
+ case T_A:
+ inet_ntop(AF_INET, ptr, buf, sizeof(buf));
+ if (rrtype == type || rrtype == T_ANY) gotrec(rrnum, type, buf);
+ break;
+
+ case T_AAAA:
+ inet_ntop(AF_INET6, ptr, buf, sizeof(buf));
+ if (rrtype == type || rrtype == T_ANY) gotrec(rrnum, type, buf);
+ break;
+
+ case T_MX:
+ /* Get the MX preference */
+ NS_GET16(ttl, ptr);
+ ret = dn_expand(startptr, endptr, ptr, buf, sizeof(buf));
+ if (rrtype == type || rrtype == T_ANY) gotrec(rrnum, type, buf);
+ break;
+
+ case T_NS:
+ ret = dn_expand(startptr, endptr, ptr, buf, sizeof(buf));
+ if (rrtype == type || rrtype == T_ANY) gotrec(rrnum, type, buf);
+ break;
+
+ default:
+ /* Unhandled */
+ break;
+ }
+
+ ptr += ret;
+ count--;
+ }
+ return 0;
+}
+#else
+/*
+ * Windows Resolver Code, as per:
+ * http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dns/dns/dnsquery.asp
+ * http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B831226
+ */
+#include
+
+int getrrs(const char *label, int rrtype, void gotrec(unsigned int num, int type, const char *record))
+{
+ DNS_STATUS status; /* Return value of DnsQuery_A() function */
+ PDNS_RECORD pResult, pRec; /* Pointer to DNS_RECORD structure */
+ unsigned int rrnum = 0, i;
+ uint16_t type;
+
+ status = DnsQuery(label, /* Pointer to OwnerName */
+ rrtype, /* Type of the record to be queried */
+ DNS_QUERY_STANDARD, /* Standard Query */
+ NULL, /* Contains DNS server IP address */
+ &pResult, /* Resource record that contains the response */
+ NULL); /* Reserved for future use */
+
+ if (status) return -1;
+ else
+ {
+ for (pRec = pResult; pRec; pRec = pRec->pNext)
+ {
+ rrnum++;
+ type = pRec->wType;
+
+ if (rrtype != type && rrtype != ns_t_any) continue;
+
+ switch (type)
+ {
+ case ns_t_txt:
+ for (i=0; i < pRec->Data.TXT.dwStringCount; i++)
+ {
+ gotrec(rrnum, type, pRec->Data.TXT.pStringArray[i]);
+ }
+ break;
+
+ case ns_t_a:
+ gotrec(rrnum, type, (const char *)&pRec->Data.A.IpAddress);
+ break;
+
+ case ns_t_aaaa:
+ gotrec(rrnum, type, (const char *)&pRec->Data.AAAA.Ip6Address);
+ break;
+
+ case ns_t_mx:
+ gotrec(rrnum, type, pRec->Data.MX.pNameExchange);
+ break;
+
+ case ns_t_ns:
+ gotrec(rrnum, type, pRec->Data.NS.pNameHost);
+ break;
+ }
+ }
+ }
+
+ /* Free memory allocated for DNS records. */
+ DnsRecordListFree(pResult, DnsFreeRecordListDeep);
+
+ return 0;
+}
+#endif
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/resolver.h /tmp/0dDlfsosXk/aiccu-20070115/common/resolver.h
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/resolver.h 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/resolver.h 2006-07-18 23:24:30.000000000 +0200
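Review bot: In the non-Windows `getrrs`, the RDLENGTH read by `NS_GET16(ret, ptr)` is never compared with `endptr`, so the `inet_ntop` calls for `T_A`/`T_AAAA` and the `memcpy` in the `T_TXT` loop can read record data past the end of the DNS response, which is untrusted input. The fixed-field check before it also leaves out the two RDLENGTH bytes; it should read `if (ptr + INT16SZ + INT16SZ + INT32SZ + INT16SZ > endptr) break;` and be followed, after the RDLENGTH read, by `if (ret > endptr - ptr) break;`. If `res_query`/`res_nquery` can report a length larger than the buffer they were given (worth confirming for the target libc), `endptr` should additionally be clamped to `answer + sizeof(answer)`. The Windows branch hands `gotrec` the raw `IpAddress`/`Ip6Address` bytes cast to `const char *`, whereas the other branch passes text produced by `inet_ntop`, so a callback that treats `record` as a string will misread them.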
@@ -0,0 +1,84 @@
+/**********************************************************
+ SixXS - Automatic IPv6 Connectivity Configuration Utility
+***********************************************************
+ Copyright 2003-2005 SixXS - http://www.sixxs.net
+***********************************************************
+ common/resolver.h - Simple DNS RR lookup function
+***********************************************************
+ $Author: jeroen $
+ $Id: resolver.h,v 1.2 2006-07-13 19:33:39 jeroen Exp $
+ $Date: 2006-07-13 19:33:39 $
+**********************************************************/
+
+#ifndef RESOLVER_H
+#define RESOLVER_H "H5K7:W3NDY5UU5N1K1N1C0l3"
+
+#include "common.h"
+
+int getrrs(const char *label, int type, void gotrec(unsigned int num, int type, const char *record));
+
+#ifdef _WIN32
+/*
+ * Windows doesn't have these, there they are named DNS_TYPE_*
+ * but the identical values so we can use them here too.
+ * Looted from arpa/nameser.h which has a BSD license for UC & ISC
+ */
+/*
+ * Currently defined type values for resources and queries.
+ */
+typedef enum __ns_type {
+ ns_t_invalid = 0, /* Cookie. */
+ ns_t_a = 1, /* Host address. */
+ ns_t_ns = 2, /* Authoritative server. */
+ ns_t_md = 3, /* Mail destination. */
+ ns_t_mf = 4, /* Mail forwarder. */
+ ns_t_cname = 5, /* Canonical name. */
+ ns_t_soa = 6, /* Start of authority zone. */
+ ns_t_mb = 7, /* Mailbox domain name. */
+ ns_t_mg = 8, /* Mail group member. */
+ ns_t_mr = 9, /* Mail rename name. */
+ ns_t_null = 10, /* Null resource record. */
+ ns_t_wks = 11, /* Well known service. */
+ ns_t_ptr = 12, /* Domain name pointer. */
+ ns_t_hinfo = 13, /* Host information. */
+ ns_t_minfo = 14, /* Mailbox information. */
+ ns_t_mx = 15, /* Mail routing information. */
+ ns_t_txt = 16, /* Text strings. */
+ ns_t_rp = 17, /* Responsible person. */
+ ns_t_afsdb = 18, /* AFS cell database. */
+ ns_t_x25 = 19, /* X_25 calling address. */
+ ns_t_isdn = 20, /* ISDN calling address. */
+ ns_t_rt = 21, /* Router. */
+ ns_t_nsap = 22, /* NSAP address. */
+ ns_t_nsap_ptr = 23, /* Reverse NSAP lookup (deprecated). */
+ ns_t_sig = 24, /* Security signature. */
+ ns_t_key = 25, /* Security key. */
+ ns_t_px = 26, /* X.400 mail mapping. */
+ ns_t_gpos = 27, /* Geographical position (withdrawn). */
+ ns_t_aaaa = 28, /* Ip6 Address. */
+ ns_t_loc = 29, /* Location Information. */
+ ns_t_nxt = 30, /* Next domain (security). */
+ ns_t_eid = 31, /* Endpoint identifier. */
+ ns_t_nimloc = 32, /* Nimrod Locator. */
+ ns_t_srv = 33, /* Server Selection. */
+ ns_t_atma = 34, /* ATM Address */
+ ns_t_naptr = 35, /* Naming Authority PoinTeR */
+ ns_t_kx = 36, /* Key Exchange */
+ ns_t_cert = 37, /* Certification record */
+ ns_t_a6 = 38, /* IPv6 address (deprecates AAAA) */
+ ns_t_dname = 39, /* Non-terminal DNAME (for IPv6) */
+ ns_t_sink = 40, /* Kitchen sink (experimentatl) */
+ ns_t_opt = 41, /* EDNS0 option (meta-RR) */
+ ns_t_tsig = 250, /* Transaction signature. */
+ ns_t_ixfr = 251, /* Incremental zone transfer. */
+ ns_t_axfr = 252, /* Transfer zone of authority. */
+ ns_t_mailb = 253, /* Transfer mailbox records. */
+ ns_t_maila = 254, /* Transfer mail agent records. */
+ ns_t_any = 255, /* Wildcard match. */
+ ns_t_zxfr = 256, /* BIND-specific, nonstandard. */
+ ns_t_max = 65536
+} ns_type;
+#endif
+
+#endif /* RESOLVER_H */
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/tic.c /tmp/0dDlfsosXk/aiccu-20070115/common/tic.c
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/tic.c 2005-02-02 19:52:29.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/tic.c 2007-01-11 14:41:31.000000000 +0100
@@ -3,11 +3,11 @@
 ***********************************************************
 Copyright 2003-2005 SixXS - http://www.sixxs.net
 ***********************************************************
- common/tic.h - Tunnel Information & Control Protocol
+ common/tic.c - Tunnel Information & Control Protocol
 ***********************************************************
 $Author: jeroen $
- $Id: tic.c,v 1.5 2005/02/02 18:52:29 jeroen Exp $
- $Date: 2005/02/02 18:52:29 $
+ $Id: tic.c,v 1.17 2007-01-11 13:41:31 jeroen Exp $
+ $Date: 2007-01-11 13:41:31 $
 **********************************************************/
 #include "common.h"
@@ -60,12 +60,12 @@
 return 0;
 }
-bool tic_Login(struct TIC_conf *tic, char *username, char *password)
+bool tic_Login(struct TIC_conf *tic, const char *username, const char *password, const char *server)
 {
 char buf[1024], sSignature[33], sChallenge[1024];
 int i;
 #ifndef _WIN32
- struct utsname utsname;
+ struct utsname uts_name;
 #else
 OSVERSIONINFO osv;
 OSVERSIONINFOEX osvEx;
@@ -73,11 +73,13 @@
 char version[100];
 #endif
-/* Connect to the TIC server */
- tic->sock = connect_client(TIC_SERVER, TIC_PORT, AF_INET, SOCK_STREAM);
- if (tic->sock == -1)
+ D(dolog(LOG_DEBUG, "Trying to connect to TIC server %s\n", server));
+
+ /* Connect to the TIC server */
+ tic->sock = connect_client(server, TIC_PORT, AF_INET, SOCK_STREAM);
+ if (!tic->sock)
 {
- dolog(LOG_ERR, "Couldn't connect to the TIC server\n");
+ dolog(LOG_ERR, "Couldn't connect to the TIC server %s\n", server);
 return false;
 }
@@ -92,13 +94,13 @@
 return false;
 }
-/* Send our client identification */
+ /* Send our client identification */
 #ifndef _WIN32
- uname(&utsname);
+ uname(&uts_name);
 sock_printf(tic->sock, "client TIC/%s %s/%s %s/%s\n", TIC_VERSION, TIC_CLIENT_NAME, TIC_CLIENT_VERSION,
- utsname.sysname, utsname.release);
+ uts_name.sysname, uts_name.release);
 #else
 osv.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
 osvEx.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
@@ -153,7 +155,7 @@
 return false;
 }
- /* Request current time */
+ /* Request current time */
 sock_printf(tic->sock, "get unixtime\n");
 /* Fetch the answer */
@@ -173,12 +175,38 @@
 {
 char quitmsg[100];
 dolog(LOG_ERR, "The clock is off by %d seconds, use NTP to sync it!\n", i);
- snprintf(quitmsg, sizeof(quitmsg), "QUIT Aborting: Clock is off by %d seconds\n", i);
+ snprintf(quitmsg, sizeof(quitmsg), "Aborting: Clock is off by %d seconds\n", i);
 tic_Logout(tic, quitmsg);
 return false;
 }
- /* Send our username */
+#ifdef AICCU_GNUTLS
+ /* Upgrade to TLS */
+ sock_printf(tic->sock, "starttls\n");
+
+ /* Fetch the welcome */
+ if (sock_getline(tic->sock, tic_buf, sizeof(tic_buf), &tic_filled, buf, sizeof(buf)) == -1)
+ {
+ return false;
+ }
+ if (buf[0] == '2')
+ {
+ /* Go to TLS mode */
+ if (!sock_gotls(tic->sock)) return false;
+ }
+ else
+ {
+ if (g_aiccu->requiretls)
+ {
+ dolog(LOG_ERR, "TIC Server does not support TLS and TLS is required\n");
+ return false;
+ }
+ if (g_aiccu->verbose) dolog(LOG_WARNING, "TIC Server does not support TLS but TLS is not required, continuing\n");
+ }
+
+#endif
+
+ /* Send our username */
 sock_printf(tic->sock, "username %s\n", username);
 /* Fetch the answer */
@@ -192,7 +220,7 @@
 return false;
 }
- /* Pick a challenge */
+ /* Pick a challenge */
 sock_printf(tic->sock, "challenge md5\n");
 /* Fetch the answer */
@@ -227,11 +255,11 @@
 return false;
 }
-/* Connect OK */
+ /* Connect OK */
 return true;
 }
-void tic_Logout(struct TIC_conf *tic, char *quitmsg)
+void tic_Logout(struct TIC_conf *tic, const char *quitmsg)
 {
 /* A list of appropriate quit messages */
 const char *byers[] = {
@@ -318,7 +346,7 @@
 };
 /* Already disconnected? */
- if (tic->sock == -1) return;
+ if (!tic->sock) return;
 if (!quitmsg)
 {
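Review bot: In the new `starttls` block (`@@ -173,12 +175,38 @@`), bytes already sitting in `tic_buf` (counted by `tic_filled`) when the reply is read were received in cleartext, yet the `sock_getline()` calls that follow `sock_gotls()` would hand them out as if they came from the TLS session. Unless `sock_gotls()` discards that buffer itself (not visible in this hunk), reject the upgrade when anything is left over, e.g. `if (tic_filled != 0) return false;` just before the `sock_gotls()` call. The `else` branch continues in cleartext whenever `requiretls` is unset and only reports it under `g_aiccu->verbose`, so a reply altered in transit silently disables TLS before the username and challenge exchange; logging that warning unconditionally would at least make the fallback visible. `tic_Login` starts and ends outside this hunk.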
@@ -332,9 +360,8 @@
 sock_printf(tic->sock, "QUIT %s\n", quitmsg);
 /* Disconnect */
- shutdown(0, SHUT_RDWR);
- closesocket(tic->sock);
- tic->sock = -1;
+ sock_free(tic->sock);
+ tic->sock = NULL;
 }
 struct TIC_sTunnel *tic_ListTunnels(struct TIC_conf *tic)
@@ -442,10 +469,11 @@
 {"AdminState", PLRT_STRING, offsetof(struct TIC_Tunnel, sAdminState)},
 {"Password", PLRT_STRING, offsetof(struct TIC_Tunnel, sPassword)},
 {"Heartbeat_Interval", PLRT_INTEGER, offsetof(struct TIC_Tunnel, nHeartbeat_Interval)},
+ {"Tunnel MTU", PLRT_INTEGER, offsetof(struct TIC_Tunnel, nMTU)},
 {NULL, PLRT_END, 0},
 };
-struct TIC_Tunnel *tic_GetTunnel(struct TIC_conf *tic, char *sId)
+struct TIC_Tunnel *tic_GetTunnel(struct TIC_conf *tic, const char *sId)
 {
 char buf[1024];
 struct TIC_Tunnel *tun;
@@ -488,12 +516,12 @@
 {
 struct in6_addr ipv6_ll, ipv6_local;
 char ll[100];
- uint16_t v6;
- inet_pton(AF_INET6, tun->sIPv6_Local, &ipv6_local);
+ /* Log that the fetch was succesful */
+ dolog(LOG_INFO, "Succesfully retrieved tunnel information for %s\n", sId);
 /*
- * TUN/TAP devices don't have any
+ * Some TUN/TAP devices don't have any
 * link local addresses and we want multicast and MLD to work
 * thus we invent one based on the following:
 *
@@ -506,24 +534,50 @@
 * As we are not 100% sure that this LL is unique we clear that bit.
 */
+ inet_pton(AF_INET6, tun->sIPv6_Local, &ipv6_local);
+
 /* Link Local (fe80::/64) */
- ipv6_ll.s6_addr16[0] = htons(0xfe80);
- ipv6_ll.s6_addr16[1] = 0x00;
- ipv6_ll.s6_addr16[2] = 0x00;
- ipv6_ll.s6_addr16[3] = 0x00;
-
- /* Clear the LL Unique Bit */
- v6 = ntohs(ipv6_local.s6_addr16[1]) & 0xfffc;
- ipv6_ll.s6_addr16[4] = htons(v6);
- ipv6_ll.s6_addr16[5] = ipv6_local.s6_addr16[2];
- ipv6_ll.s6_addr16[6] = ipv6_local.s6_addr16[3];
- ipv6_ll.s6_addr16[7] = ipv6_local.s6_addr16[7];
+ ipv6_ll.s6_addr[ 0] = 0xfe;
+ ipv6_ll.s6_addr[ 1] = 0x80;
+ ipv6_ll.s6_addr[ 2] = 0x00;
+ ipv6_ll.s6_addr[ 3] = 0x00;
+ ipv6_ll.s6_addr[ 4] = 0x00;
+ ipv6_ll.s6_addr[ 5] = 0x00;
+ ipv6_ll.s6_addr[ 6] = 0x00;
+ ipv6_ll.s6_addr[ 7] = 0x00;
+ ipv6_ll.s6_addr[ 8] = ipv6_local.s6_addr[ 2] & 0xfc; /* Clear the LL Unique Bit */
+ ipv6_ll.s6_addr[ 9] = ipv6_local.s6_addr[ 3];
+ ipv6_ll.s6_addr[10] = ipv6_local.s6_addr[ 4];
+ ipv6_ll.s6_addr[11] = ipv6_local.s6_addr[ 5];
+ ipv6_ll.s6_addr[12] = ipv6_local.s6_addr[ 6];
+ ipv6_ll.s6_addr[13] = ipv6_local.s6_addr[ 7];
+ ipv6_ll.s6_addr[14] = ipv6_local.s6_addr[14];
+ ipv6_ll.s6_addr[15] = ipv6_local.s6_addr[15];
 inet_ntop(AF_INET6, &ipv6_ll, ll, sizeof(ll));
 if (tun->sIPv6_LinkLocal) free(tun->sIPv6_LinkLocal);
 tun->sIPv6_LinkLocal = strdup(ll);
-
- dolog(LOG_INFO, "Succesfully retrieved tunnel information for %s\n", sId);
+
+ if ( strcmp(tun->sType, "ayiya") == 0 ||
+ strcmp(tun->sType, "l2tp") == 0)
+ {
+ tun->uses_tundev = 1;
+#ifdef NO_IFHEAD
+ dolog(LOG_ERR, "This build doesn't support the Tun/TAP device and thus can't instantiate tunnels of type %s, please fix your OS and recompile\n", tun->sType);
+ tic_Free_Tunnel(tun);
+ return NULL;
+#endif
+ }
+ else tun->uses_tundev = 0;
+
+ /* Need to override the local IPv4 address? */
+ if (g_aiccu->local_ipv4_override)
+ {
+ dolog(LOG_INFO, "Overriding Local IPv4 address from %s to %s\n", tun->sIPv4_Local, g_aiccu->local_ipv4_override);
+ free(tun->sIPv4_Local);
+ tun->sIPv4_Local = strdup(g_aiccu->local_ipv4_override);
+ }
+
 return tun;
 }
@@ -534,7 +588,7 @@
 return NULL;
 }
-struct TIC_Route *tic_GetRoute(struct TIC_conf *tic, char *sId)
+struct TIC_Route *tic_GetRoute(struct TIC_conf *tic, const char *sId)
 {
 dolog(LOG_ERR, "Not implemented - tic_GetRoute(%x, \"%s\")\n", tic, sId);
 return NULL;
@@ -557,7 +611,7 @@
 {NULL, PLRT_END, 0},
 };
-struct TIC_POP *tic_GetPOP(struct TIC_conf *tic, char *sId)
+struct TIC_POP *tic_GetPOP(struct TIC_conf *tic, const char *sId)
 {
 char buf[1024];
 struct TIC_POP *pop;
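Review bot: The result of `inet_pton(AF_INET6, tun->sIPv6_Local, &ipv6_local)` in the `@@ -506,24 +534,50 @@` hunk is not checked, so when the server-supplied value is missing or does not parse, the link-local address below it is assembled from the uninitialised `ipv6_local`. Checking it, e.g. `if (!tun->sIPv6_Local || inet_pton(AF_INET6, tun->sIPv6_Local, &ipv6_local) != 1) { tic_Free_Tunnel(tun); return NULL; }`, keeps a malformed reply from producing a garbage address. The new `strcmp(tun->sType, "ayiya")` likewise assumes `tun->sType` was filled in by the reply; unless a check outside this hunk guarantees that, it needs a NULL test first. The enclosing function starts and ends outside the hunk.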
@@ -652,17 +706,18 @@
 void tic_Free_Tunnel(struct TIC_Tunnel *tun)
 {
- if (tun->sId) free(tun->sId);
- if (tun->sType) free(tun->sType);
- if (tun->sPOP_Id) free(tun->sPOP_Id);
- if (tun->sUserState) free(tun->sUserState);
- if (tun->sAdminState) free(tun->sAdminState);
- if (tun->sPassword) free(tun->sPassword);
- if (tun->sIPv4_Local) free(tun->sIPv4_Local);
- if (tun->sIPv4_POP) free(tun->sIPv4_POP);
- if (tun->sIPv6_Local) free(tun->sIPv6_Local);
- if (tun->sIPv6_POP) free(tun->sIPv6_POP);
+ if (tun->sId) { free(tun->sId); tun->sId = NULL; }
+ if (tun->sType) { free(tun->sType); tun->sType = NULL; }
+ if (tun->sPOP_Id) { free(tun->sPOP_Id); tun->sPOP_Id = NULL; }
+ if (tun->sUserState) { free(tun->sUserState); tun->sUserState = NULL; }
+ if (tun->sAdminState) { free(tun->sAdminState); tun->sAdminState = NULL; }
+ if (tun->sPassword) { free(tun->sPassword); tun->sPassword = NULL; }
+ if (tun->sIPv4_Local) { free(tun->sIPv4_Local); tun->sIPv4_Local = NULL; }
+ if (tun->sIPv4_POP) { free(tun->sIPv4_POP); tun->sIPv4_POP = NULL; }
+ if (tun->sIPv6_Local) { free(tun->sIPv6_Local); tun->sIPv6_Local = NULL; }
+ if (tun->sIPv6_POP) { free(tun->sIPv6_POP); tun->sIPv6_POP = NULL; }
 free(tun);
+ tun = NULL;
 }
 void tic_Free_Route(struct TIC_Route *rt)
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/tic.h /tmp/0dDlfsosXk/aiccu-20070115/common/tic.h
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/tic.h 2005-01-31 20:05:52.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/tic.h 2006-12-21 15:08:50.000000000 +0100
@@ -6,8 +6,8 @@
 common/tic.h - Tunnel Information & Control Protocol
 ***********************************************************
 $Author: jeroen $
- $Id: tic.h,v 1.4 2005/01/31 19:05:52 jeroen Exp $
- $Date: 2005/01/31 19:05:52 $
+ $Id: tic.h,v 1.12 2006-12-21 14:08:50 jeroen Exp $
+ $Date: 2006-12-21 14:08:50 $
 **********************************************************/
 #ifndef TIC_H
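Review bot: `tic_Free_Tunnel` still does not release `tun->sIPv6_LinkLocal`, which the `@@ -506,24 +534,50 @@` hunk fills with `strdup(ll)`, so every freed tunnel leaks that string; add `if (tun->sIPv6_LinkLocal) { free(tun->sIPv6_LinkLocal); tun->sIPv6_LinkLocal = NULL; }` next to the other fields. The added `tun = NULL;` only changes the local parameter and does nothing for the caller's pointer, so it can be dropped. `sPassword` holds the tunnel password and is freed without being overwritten; clearing it first, with a wipe the compiler cannot elide, keeps it out of reused heap memory.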
@@ -19,8 +19,6 @@
 * Tunnel Information Control Protocol
 * server
 */
-#define TIC_SERVER "tic.sixxs.net"
-
 /* port - uses TCP over IPv4 */
 #define TIC_PORT "3874"
@@ -48,7 +46,6 @@
 /* IPv6 information */
 char *sIPv6_Local; /* Local endpoint */
 char *sIPv6_POP; /* POP endpoint */
- unsigned int nIPv6_PrefixLength; /* Length of the prefix's */
 char *sIPv6_LinkLocal; /* Link local address */
 /* POP information */
@@ -60,7 +57,12 @@
 /* AYIYA & Heartbeat */
 char *sPassword; /* Password for the tunnel */
- int nHeartbeat_Interval; /* Heartbeat interval */
+ uint32_t nHeartbeat_Interval; /* Heartbeat interval */
+
+ /* Misc */
+ uint32_t uses_tundev; /* Uses Tunnel (tun/tap) device? */
+ uint32_t nIPv6_PrefixLength; /* Length of the prefix's */
+ uint32_t nMTU; /* MTU size */
 };
 /* * = 0.0.0.0 for all the dynamic tunnels */
@@ -78,7 +80,8 @@
 char *sId; /* Route Id */
 char *sTunnelId; /* Tunnel Id */
 struct in6_addr xIPv6; /* Prefix */
- unsigned int nPrefixLength; /* Length of the prefix */
+ uint32_t nPrefixLength; /* Length of the prefix */
+ uint32_t __pad;
 };
@@ -109,7 +112,7 @@
 */
 struct TIC_conf
 {
- SOCKET sock; /* The socket to which we are connected */
+ TLSSOCKET sock; /* The socket to which we are connected */
 };
 /**********************************************************
@@ -117,11 +120,11 @@
 **********************************************************/
 /* Login to/Logout from the TIC Server */
-bool tic_Login(struct TIC_conf *tic, char *username, char *password);
-void tic_Logout(struct TIC_conf *tic, char *quitmsg);
+bool tic_Login(struct TIC_conf *tic, const char *username, const char *password, const char *server);
+void tic_Logout(struct TIC_conf *tic, const char *quitmsg);
 /* Check if the time is in range */
-bool tic_checktime(time_t epochtime);
+int tic_checktime(time_t epochtime);
 /* Get Tunnel/Route/POP List */
 struct TIC_sTunnel *tic_ListTunnels(struct TIC_conf *tic);
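Review bot: The new member `uint32_t __pad;` in the `@@ -78,7 +80,8 @@` hunk uses an identifier that begins with two underscores, which C reserves for the implementation. A name such as `uint32_t pad_;`, with a short comment saying why the padding is there, avoids a clash with compiler or libc macros. The struct definition starts outside the hunk.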
@@ -129,9 +132,9 @@
 struct TIC_sPOP *tic_ListPOPs(struct TIC_conf *tic);
 /* Get Tunnel/Route/POP Information */
-struct TIC_Tunnel *tic_GetTunnel(struct TIC_conf *tic, char *sId);
-struct TIC_Route *tic_GetRoute(struct TIC_conf *tic, char *sId);
-struct TIC_POP *tic_GetPOP(struct TIC_conf *tic, char *sId);
+struct TIC_Tunnel *tic_GetTunnel(struct TIC_conf *tic, const char *sId);
+struct TIC_Route *tic_GetRoute(struct TIC_conf *tic, const char *sId);
+struct TIC_POP *tic_GetPOP(struct TIC_conf *tic, const char *sId);
 /* Free Information structures */
 void tic_Free_sTunnel(struct TIC_sTunnel *tun);
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/tun.c /tmp/0dDlfsosXk/aiccu-20070115/common/tun.c
--- /tmp/h6kCLsMZDY/aiccu-20050131/common/tun.c 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/common/tun.c 2007-01-11 14:11:11.000000000 +0100
@@ -0,0 +1,866 @@ +/********************************************************** + SixXS - Automatic IPv6 Connectivity Configuration Utility +*********************************************************** + Copyright 2003-2005 SixXS - http://www.sixxs.net +*********************************************************** + common/tun.c - Tunnel Device Handling +*********************************************************** + $Author: jeroen $ + $Id: tun.c,v 1.14 2007-01-11 00:29:18 jeroen Exp $ + $Date: 2007-01-11 00:29:18 $ +**********************************************************/ + +#include "tun.h" +#include "aiccu.h" + +/* The tun/tap device HANDLE */ +#ifndef _WIN32 +int tun_fd; + +/* + * HAS_IFHEAD -> Tunnel Device produces packets with a tun_pi in the front + * NEED_IFHEAD -> Tunnel Device produces packets with a tun_pi in the front, but it is not active per default + */ + +#else +HANDLE device_handle = INVALID_HANDLE_VALUE; +#define ETH_P_IPV6 0x86dd +#define ETH_ALEN 6 +struct ether_header +{ + uint8_t ether_dhost[ETH_ALEN]; /* destination eth addr */ + uint8_t ether_shost[ETH_ALEN]; /* source ether addr */ + uint16_t ether_type; /* packet type ID field */ +}; + +/* Tap device constants which we use */ +#define TAP_CONTROL_CODE(request,method) CTL_CODE(FILE_DEVICE_UNKNOWN, request, method, FILE_ANY_ACCESS) +#define TAP_IOCTL_GET_VERSION TAP_CONTROL_CODE(2, METHOD_BUFFERED) +#define TAP_IOCTL_CONFIG_POINT_TO_POINT TAP_CONTROL_CODE(5, METHOD_BUFFERED) +#define TAP_IOCTL_SET_MEDIA_STATUS TAP_CONTROL_CODE(6, METHOD_BUFFERED) +#define TAP_REGISTRY_KEY "SYSTEM\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}" +#define TAP_ADAPTER_KEY "SYSTEM\\CurrentControlSet\\Control\\Class\\{4D36E972-E325-11CE-BFC1-08002BE10318}" +#define TAP_DEVICE_DIR "\\\\.\\Global\\" +#define TAP_WIN32_MIN_MAJOR 8 +#define TAP_WIN32_MIN_MINOR 1 +#define TAP_COMPONENT_ID1 "tap0801" /* Original Tun/Tap driver ID */ +#define TAP_COMPONENT_ID2 "tap0802" /* Windows Vista 
marked 801 as broken, thus use another ID */ + +#endif + +void tun_log(int level, const char *what, const char *fmt, ...); +void tun_log(int level, const char *what, const char *fmt, ...) +{ + char buf[1024]; + va_list ap; + + /* Clear them just in case */ + memset(buf, 0, sizeof(buf)); + + snprintf(buf, sizeof(buf), "[tun-%s] ", what); + + /* Print the log message behind it */ + va_start(ap, fmt); + vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), fmt, ap); + va_end(ap); + + /* Actually Log it */ + dolog(level, buf); +} + +static const char reader_name[] = "tundev->tun"; +static const char writer_name[] = "tun->tundev"; + +#ifdef _WIN32 +/* Windows doesn't have writev() but does have WSASend */ +int writev(SOCKET sock, const struct iovec *vector, DWORD count) +{ + DWORD sent; + WSASend(sock, (LPWSABUF)vector, count, &sent, 0, NULL, NULL); + return sent; +} + +uint16_t inchksum(const void *data, uint32_t length); +uint16_t inchksum(const void *data, uint32_t length) +{ + register long sum = 0; + register const uint16_t *wrd = (const uint16_t *)data; + register long slen = (long)length; + + while (slen >= 2) + { + sum += *wrd++; + slen-=2; + } + + if (slen > 0) sum+=*(const uint8_t *)wrd; + + while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16); + + return (uint16_t)sum; +} + +uint16_t ipv6_checksum(const struct ip6_hdr *ip6, uint8_t protocol, const void *data, const uint16_t length); +uint16_t ipv6_checksum(const struct ip6_hdr *ip6, uint8_t protocol, const void *data, const uint16_t length) +{ + struct + { + uint16_t length; + uint16_t zero1; + uint8_t zero2; + uint8_t next; + } pseudo; + register uint32_t chksum = 0; + + pseudo.length = htons(length); + pseudo.zero1 = 0; + pseudo.zero2 = 0; + pseudo.next = protocol; + + /* IPv6 Source + Dest */ + chksum = inchksum(&ip6->ip6_src, sizeof(ip6->ip6_src) + sizeof(ip6->ip6_dst)); + chksum += inchksum(&pseudo, sizeof(pseudo)); + chksum += inchksum(data, length); + + /* Wrap in the carries to reduce chksum to 16 bits. 
*/ + chksum = (chksum >> 16) + (chksum & 0xffff); + chksum += (chksum >> 16); + + /* Take ones-complement and replace 0 with 0xFFFF. */ + chksum = (uint16_t) ~chksum; + if (chksum == 0UL) chksum = 0xffffUL; + return (uint16_t)chksum; +} +#endif + +/* + * Tun -> Socket + * + * Needs to be started in a separate thread + * This gets done by tun_start() + * + */ +#ifndef _WIN32 +void *tun_reader(void *arg); +void *tun_reader(void *arg) +#else +DWORD WINAPI tun_reader(LPVOID arg); +DWORD WINAPI tun_reader(LPVOID arg) +#endif +{ + unsigned char buf[2048]; + + /* The function that actually does something with the buffer */ + struct tun_reader *tun = (struct tun_reader *)arg; + +#ifdef _WIN32 + DWORD n, lenin; + OVERLAPPED overlapped; + unsigned int errcount = 0; + + struct nd_sol + { + struct ip6_hdr ip; + struct icmp6_hdr icmp; + struct nd_neighbor_solicit sol; + } *solic = (struct nd_sol *)&buf[sizeof(struct ether)]; + + struct nd_adv + { + struct ip6_hdr ip; + struct icmp6_hdr icmp; + struct nd_neighbor_advert adv; + } advert; + + /* Create an event for overlapped results */ + overlapped.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); +#else + ssize_t n; +#endif + + /* Forever */ + while (true) + { +#ifndef _WIN32 + n = read(tun_fd, buf, sizeof(buf)); + if (n <= 0) + { + /* Only report issues when the tunnel is actually up and running */ + if (g_aiccu->tunrunning) tun_log(LOG_ERR, reader_name, "Read error on Tun Device: %s (%d)\n", strerror(errno), errno); + continue; + } + +#if defined(NEED_IFHEAD) || defined(HAS_IFHEAD) + /* get the tun_pi struct out of there */ + memmove(&buf, &buf[4], n-4); + n-=4; +#endif + + tun->function((char *)buf, (unsigned int)n); +#else /* Windows */ + overlapped.Offset = 0; + overlapped.OffsetHigh = 0; + + memset(buf,0,sizeof(buf)); + n = ReadFile(device_handle, buf, sizeof(buf), &lenin, &overlapped); + if (!n) + { + while (!n && GetLastError() == ERROR_IO_PENDING) + { + if (WaitForSingleObject(overlapped.hEvent, 20000) == WAIT_OBJECT_0) + 
{ + n = GetOverlappedResult(device_handle, &overlapped, &lenin, FALSE); + } + } + + if (!n) + { + tun_log(LOG_ERR, reader_name, "Error reading from device: %u, %s (%d)\n", GetLastError(), strerror(errno), errno); + errcount++; + if (errcount > 10) break; + continue; + } + } + + /* Check for neighbour discovery packets (ICMPv6, ND_SOL, hop=255) + * (XXX: doesn't check for a chain, but ND is usually without) + */ + if ( solic->ip.ip6_ctlun.ip6_un1.ip6_un1_nxt == IPPROTO_ICMPV6 && + solic->icmp.icmp6_type == ND_NEIGHBOR_SOLICIT && + solic->ip.ip6_ctlun.ip6_un1.ip6_un1_hlim == 255) + { + /* Ignore unspecified ND's as they are used for DAD */ + if (IN6_IS_ADDR_UNSPECIFIED(&solic->ip.ip6_src)) continue; + + /* Create our reply */ + memset(&advert, 0, sizeof(advert)); + advert.ip.ip6_ctlun.ip6_un2_vfc = 6 << 4; + advert.ip.ip6_ctlun.ip6_un1.ip6_un1_flow = solic->ip.ip6_ctlun.ip6_un1.ip6_un1_flow; + advert.ip.ip6_ctlun.ip6_un1.ip6_un1_plen = htons(sizeof(advert.icmp) + sizeof(advert.adv)); + advert.ip.ip6_ctlun.ip6_un1.ip6_un1_nxt = IPPROTO_ICMPV6; + advert.ip.ip6_ctlun.ip6_un1.ip6_un1_hlim = 255; + + /* Swap src/dst */ + memcpy(&advert.ip.ip6_src, &solic->sol.nd_ns_target, sizeof(advert.ip.ip6_src)); + memcpy(&advert.ip.ip6_dst, &solic->ip.ip6_src, sizeof(advert.ip.ip6_dst)); + + /* ICMP Neighbour Advertisement */ + advert.icmp.icmp6_type = ND_NEIGHBOR_ADVERT; + advert.icmp.icmp6_code = 0; + advert.icmp.icmp6_dataun.icmp6_un_data8[0] = 0xe0; + memcpy(&advert.adv.nd_na_target, &solic->sol.nd_ns_target, sizeof(advert.adv.nd_na_target)); + /* Fake MAC address */ + advert.adv.nd_no_type = 2; + advert.adv.nd_no_len = 1; + advert.adv.nd_no_mac[0] = 0x00; + advert.adv.nd_no_mac[1] = 0xff; + advert.adv.nd_no_mac[2] = 0x25; + advert.adv.nd_no_mac[3] = 0x02; + advert.adv.nd_no_mac[4] = 0x19; + advert.adv.nd_no_mac[5] = 0x78; + + /* ICMP has a checksum */ + advert.icmp.icmp6_cksum = ipv6_checksum(&advert.ip, IPPROTO_ICMPV6, (uint8_t *)&advert.icmp, sizeof(advert.icmp) + 
sizeof(advert.adv)); + + /* We'll need to answer this back to the TAP device */ + tun_write((char *)&advert, (unsigned int)sizeof(advert)); + continue; + } + tun->function((char *)&buf[sizeof(struct ether)], (unsigned int)lenin - sizeof(struct ether)); +#endif + } + + D(dolog(LOG_DEBUG, "TUN Reader stopping\n")); +#ifndef _WIN32 + return NULL; +#else + return 0; +#endif +} + +/* Socket -> Tun */ +void tun_write(char *buf, unsigned int length) +{ + unsigned int c = 0; +#ifndef _WIN32 +#ifdef linux + struct iovec dat[2]; + struct tun_pi pi; + memset(&pi, 0, sizeof(pi)); + + pi.proto = htons(ETH_P_IPV6); + + dat[0].iov_base = π + dat[0].iov_len = sizeof(pi); + dat[1].iov_base = buf; + dat[1].iov_len = length; + + length += sizeof(pi); + + /* Forward the packet to the kernel */ + c = writev(tun_fd, dat, 2); + +#else /* *BSD/Darwin */ + + uint32_t type = htonl(AF_INET6); + struct iovec dat[2]; + + dat[0].iov_base = (void *)&type; + dat[0].iov_len = sizeof(type); + dat[1].iov_base = buf; + dat[1].iov_len = length; + + length += sizeof(type); + + /* Forward the packet to the kernel */ + c = writev(tun_fd, dat, 2); + +#endif + + if (c != length) + { + tun_log(LOG_ERR, writer_name, "Error while writing to TUN: %u != %u\n", c, length); + } + +#else /* Windows */ + DWORD n, lenout; + OVERLAPPED overlapped; + unsigned char mbuf[4096]; + + struct ether *eth = (struct ether *)mbuf; + + /* Sent the packet outbound */ + overlapped.Offset = 0; + overlapped.OffsetHigh = 0; + overlapped.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); + + memset(mbuf,0,sizeof(mbuf)); + eth->ether_dhost[0] = htons(0x3333); + eth->ether_dhost[1] = htons(0xff00); + eth->ether_dhost[2] = htons(0x0002); + eth->ether_shost[0] = htons(0x00ff); + eth->ether_shost[1] = htons(0x5342); + eth->ether_shost[2] = htons(0x2768); + eth->ether_type = htons(ETH_P_IPV6); + memcpy(&mbuf[sizeof(*eth)],buf,length); + + n = WriteFile(device_handle, mbuf, sizeof(*eth)+length, &lenout, &overlapped); + if (!n && GetLastError() 
== ERROR_IO_PENDING) + { + WaitForSingleObject(overlapped.hEvent, INFINITE); + n = GetOverlappedResult(device_handle, &overlapped, &lenout, FALSE); + } + + if (!n) + { + tun_log(LOG_ERR, writer_name, "Error writing to device: %u, %s (%d)\n", GetLastError(), strerror(errno), errno); + } +#endif +} + +#ifdef _WIN32 + +struct tap_reg +{ + char *guid; + struct tap_reg *next; +}; + +struct panel_reg +{ + char *name; + char *guid; + struct panel_reg *next; +}; + +/* Get a working tunnel adapter */ +struct tap_reg *get_tap_reg(void) +{ + HKEY adapter_key; + LONG status; + DWORD len; + struct tap_reg *first = NULL; + struct tap_reg *last = NULL; + int i = 0; + + status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, TAP_ADAPTER_KEY, 0, KEY_READ, &adapter_key); + if (status != ERROR_SUCCESS) + { + dolog(LOG_ERR, "Error opening registry key: %s\n", TAP_ADAPTER_KEY); + return NULL; + } + + while (true) + { + char enum_name[256]; + char unit_string[256]; + HKEY unit_key; + char component_id_string[] = "ComponentId"; + char component_id[256]; + char net_cfg_instance_id_string[] = "NetCfgInstanceId"; + char net_cfg_instance_id[256]; + DWORD data_type; + + len = sizeof(enum_name); + status = RegEnumKeyEx(adapter_key, i, enum_name, &len, NULL, NULL, NULL, NULL); + if (status == ERROR_NO_MORE_ITEMS) break; + else if (status != ERROR_SUCCESS) + { + dolog(LOG_ERR, "Error enumerating registry subkeys of key: %s (t0)\n", TAP_ADAPTER_KEY); + break; + } + + snprintf(unit_string, sizeof(unit_string), "%s\\%s", TAP_ADAPTER_KEY, enum_name); + status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, unit_string, 0, KEY_READ, &unit_key); + if (status != ERROR_SUCCESS) + { + dolog(LOG_WARNING, "Error opening registry key: %s (t1)\n", unit_string); + } + else + { + len = sizeof(component_id); + status = RegQueryValueEx(unit_key, component_id_string, NULL, &data_type, (LPBYTE)component_id, &len); + if (status != ERROR_SUCCESS || data_type != REG_SZ) + { + dolog(LOG_WARNING, "Error opening registry key: %s\\%s (t2)\n", 
unit_string, component_id_string); + } + else + { + len = sizeof(net_cfg_instance_id); + status = RegQueryValueEx(unit_key, net_cfg_instance_id_string, NULL, &data_type, (LPBYTE)net_cfg_instance_id, &len); + if (status == ERROR_SUCCESS && data_type == REG_SZ) + { + if ( strcmp(component_id, TAP_COMPONENT_ID1) == 0 || + strcmp(component_id, TAP_COMPONENT_ID2) == 0) + { + struct tap_reg *reg = (struct tap_reg *)malloc(sizeof(*reg)); + memset(reg, 0, sizeof(*reg)); + reg->guid = strdup(net_cfg_instance_id); + + if (!first) first = reg; + if (last) last->next = reg; + last = reg; + } + } + } + + RegCloseKey(unit_key); + } + i++; + } + + RegCloseKey(adapter_key); + return first; +} + +void free_tap_reg(struct tap_reg *tap_reg) +{ + struct tap_reg *tr, *tr1; + + for (tr = tap_reg; tr != NULL; tr = tr1) + { + tr1 = tr->next; + free(tr->guid); + free(tr); + } +} + +void free_panel_reg(struct panel_reg *panel_reg) +{ + struct panel_reg *pr, *pr1; + + for (pr = panel_reg; pr != NULL; pr = pr1) + { + pr1 = pr->next; + free(pr->guid); + free(pr->name); + free(pr); + } +} + + +/* Collect GUID's and names of all the Connections that are available */ +struct panel_reg *get_panel_reg(void) +{ + LONG status; + HKEY network_connections_key; + DWORD len; + struct panel_reg *first = NULL; + struct panel_reg *last = NULL; + int i = 0; + + status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, TAP_REGISTRY_KEY, 0, KEY_READ, &network_connections_key); + + if (status != ERROR_SUCCESS) + { + dolog(LOG_ERR, "Error opening registry key: %s (p0)\n", TAP_REGISTRY_KEY); + return NULL; + } + + while (true) + { + char enum_name[256]; + char connection_string[256]; + HKEY connection_key; + char name_data[256]; + DWORD name_type; + const char name_string[] = "Name"; + + len = sizeof(enum_name); + status = RegEnumKeyEx(network_connections_key, i, enum_name, &len, NULL, NULL, NULL, NULL); + if (status == ERROR_NO_MORE_ITEMS) break; + else if (status != ERROR_SUCCESS) + { + dolog(LOG_ERR, "Error enumerating 
registry subkeys of key: %s (p1)\n", TAP_REGISTRY_KEY); + break; + } + + i++; + + if (enum_name[0] != '{') continue; + + snprintf(connection_string, sizeof(connection_string), "%s\\%s\\Connection", TAP_REGISTRY_KEY, enum_name); + + status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, connection_string, 0, KEY_READ, &connection_key); + if (status != ERROR_SUCCESS) + { + dolog(LOG_WARNING, "Error opening registry key: %s (p2)\n", connection_string); + } + else + { + len = sizeof(name_data); + status = RegQueryValueEx(connection_key, name_string, NULL, &name_type, (LPBYTE)name_data, &len); + + if (status != ERROR_SUCCESS || name_type != REG_SZ) + { + dolog(LOG_WARNING, "Error opening registry key: %s\\%s\\%s (p3)\n", TAP_REGISTRY_KEY, (LPBYTE)connection_string, name_string); + } + else + { + struct panel_reg *reg = (struct panel_reg *)malloc(sizeof(*reg)); + memset(reg, 0, sizeof(*reg)); + reg->name = strdup(name_data); + reg->guid = strdup(enum_name); + + /* link into return list */ + if (!first) first = reg; + if (last) last->next = reg; + last = reg; + } + + RegCloseKey(connection_key); + } + } + + RegCloseKey(network_connections_key); + + return first; +} + +void tun_list_tap_adapters(void) +{ + int links; + struct tap_reg *tap_reg = get_tap_reg(), *tr, *tr1; + struct panel_reg *panel_reg = get_panel_reg(), *pr; + + dolog(LOG_INFO, "Available TAP-WIN32 adapters [name, GUID]:\n"); + + /* loop through each TAP-Win32 adapter registry entry */ + for (tr = tap_reg; tr != NULL; tr = tr->next) + { + links = 0; + + /* loop through each network connections entry in the control panel */ + for (pr = panel_reg; pr != NULL; pr = pr->next) + { + if (strcmp(tr->guid, pr->guid) == 0) + { + dolog(LOG_INFO, "'%s' %s\n", pr->name, tr->guid); + links++; + } + } + + if (links > 1) + { + dolog(LOG_WARNING, "*** Adapter with GUID %s has %u links from the Network Connections control panel, it should only be 1\n", tr->guid, links); + } + else if (links == 0) + { + dolog(LOG_WARNING, "[NULL] %s\n", 
tr->guid); + dolog(LOG_WARNING, "*** Adapter with GUID %s doesn't have a link from the control panel\n", tr->guid); + } + + /* check for TAP-Win32 adapter duplicated GUIDs */ + for (tr1 = tap_reg; tr1 != NULL; tr1 = tr1->next) + { + if (tr != tr1 && strcmp(tr->guid, tr1->guid) == 0) + { + dolog(LOG_WARNING, "*** Duplicate Adapter GUID %s\n", tr->guid); + } + } + } + + free_tap_reg(tap_reg); + free_panel_reg(panel_reg); +} + +bool tun_fixup_adapters(void) +{ + int links, count = 0, found = 0; + struct tap_reg *tap_reg = get_tap_reg(), *tr = NULL, *tr1 = NULL; + struct panel_reg *panel_reg = get_panel_reg(), *pr = NULL, *first = NULL, *prf = NULL; + bool ok; + + /* loop through each TAP-Win32 adapter registry entry */ + for (tr = tap_reg; tr != NULL; tr = tr->next) + { + links = 0; + ok = true; + + /* loop through each network connections entry in the control panel */ + for (pr = panel_reg; pr != NULL; pr = pr->next) + { + if (strcmp(tr->guid, pr->guid) == 0) + { + links++; + prf = pr; + + /* Is this the one wanted by the user? 
*/ + if (strcasecmp(g_aiccu->ipv6_interface, pr->name) == 0) found++; + } + } + + if (links > 1) + { + dolog(LOG_WARNING, "*** Adapter with GUID %s has %u links from the Network Connections control panel, it should only be 1\n", tr->guid, links); + ok = false; + } + else if (links == 0) + { + dolog(LOG_WARNING, "[NULL] %s\n", tr->guid); + dolog(LOG_WARNING, "*** Adapter with GUID %s doesn't have a link from the control panel\n", tr->guid); + ok = false; + } + + /* check for TAP-Win32 adapter duplicated GUIDs */ + for (tr1 = tap_reg; tr1 != NULL; tr1 = tr1->next) + { + if (tr != tr1 && strcmp(tr->guid, tr1->guid) == 0) + { + dolog(LOG_WARNING, "*** Duplicate Adapter GUID %s\n", tr->guid); + ok = false; + } + } + + if (ok) + { + count++; + first = prf; + } + } + + ok = false; + + /* When the user didn't configure us correctly and we find a single TAP interface, just rename it */ + if (found == 0 && count == 1 && first) + { + dolog(LOG_INFO, "Renaming adapter '%s' to '%s' and using it\n", first->name, g_aiccu->ipv6_interface); + aiccu_win32_rename_adapter(first->name); + ok = true; + } + else if (found == 1 && count == 1) + { + D(dolog(LOG_DEBUG, "Using configured interface %s\n", g_aiccu->ipv6_interface)); + ok = true; + } + else + { + ok = false; + dolog(LOG_WARNING, "Found = %u, Count = %u\n", found, count); + } + + free_tap_reg(tap_reg); + free_panel_reg(panel_reg); + + return ok; +} + +#endif + +bool tun_start(struct tun_reader *tun) +{ +#ifndef _WIN32 + pthread_t thread; +#ifdef linux + struct ifreq ifr; + + /* Create a new tap device */ + tun_fd = open("/dev/net/tun", O_RDWR); + if (tun_fd == -1) + { + tun_log(LOG_ERR, "start", "Couldn't open device %s: %s (%d)\n", "/dev/net/tun", strerror(errno), errno); + return false; + } + + memset(&ifr, 0, sizeof(ifr)); + /* Request a TUN device */ + ifr.ifr_flags = IFF_TUN; + /* Set the interface name */ + strncpy(ifr.ifr_name, g_aiccu->ipv6_interface, sizeof(ifr.ifr_name)); + + if (ioctl(tun_fd, TUNSETIFF, &ifr)) + { + 
tun_log(LOG_ERR, "start", "Couldn't set interface name to %s: %s (%d)\n", + g_aiccu->ipv6_interface, strerror(errno), errno); + return false; + } + +#else /* *BSD/Darwin */ + + char buf[128]; + unsigned int i; + int mode = IFF_MULTICAST | IFF_POINTOPOINT; + + /* Try the configured interface */ + tun_log(LOG_DEBUG, "start", "Trying Configured TUN/TAP interface %s...\n", g_aiccu->ipv6_interface); + snprintf(buf, sizeof(buf), "/dev/%s", g_aiccu->ipv6_interface); + tun_fd = open(buf, O_RDWR); + if (tun_fd < 0) + { + /* Fall back to trying all /dev/tun* devices */ + for (i = 0; i < 256; ++i) + { + snprintf(buf, sizeof(buf), "/dev/tun%u", i); + tun_log(LOG_DEBUG, "start", "Trying TUN/TAP interface %s...\n", &buf[8]); + tun_fd = open(buf, O_RDWR); + if (tun_fd >= 0) + { + /* Copy over the name of the interface so that configging goes okay */ + if (g_aiccu->ipv6_interface) free(g_aiccu->ipv6_interface); + snprintf(buf, sizeof(buf), "tun%u", i); + g_aiccu->ipv6_interface = strdup(buf); + } + break; + } + } + + if (tun_fd < 0) + { + tun_log(LOG_ERR, "start", "Couldn't open device %s or /dev/tun*: %s (%d)\n", g_aiccu->ipv6_interface, strerror(errno), errno); + return false; + } + + tun_log(LOG_DEBUG, "start", "Using TUN/TAP interface %s\n", g_aiccu->ipv6_interface); + +#ifndef _FREEBSD +#ifndef _DARWIN +#ifndef _AIX + tun_log(LOG_DEBUG, "start", "Setting TUNSIFMODE for %s\n", g_aiccu->ipv6_interface); + if (ioctl(tun_fd, TUNSIFMODE, &mode, sizeof(mode)) == -1) + { + tun_log(LOG_ERR, "start", "Couldn't set interface %s's TUNSIFMODE to MULTICAST|POINTOPOINT: %s (%d)\n", + g_aiccu->ipv6_interface, strerror(errno), errno); + close(tun_fd); + tun_fd = -1; + return false; + } +#endif +#endif +#endif + +#ifdef NEED_IFHEAD + tun_log(LOG_DEBUG, "start", "Setting TUNSIFHEAD for %s\n", g_aiccu->ipv6_interface); + mode = 1; + if (ioctl(tun_fd, TUNSIFHEAD, &mode, sizeof(mode)) == -1) + { + tun_log(LOG_ERR, "start", "Couldn't set interface %s's TUNSIFHEAD to enabled: %s (%d)\n", + 
g_aiccu->ipv6_interface, strerror(errno), errno); + close(tun_fd); + tun_fd = -1; + return false; + } +#endif + +#endif /* linux */ + + +#else /* Windows */ + + HKEY key; + DWORD pID; + HANDLE h; + int i; + + char adapterid[1024]; + char tapname[1024]; + DWORD len; + + if (!tun_fixup_adapters()) + { + tun_log(LOG_ERR, "start", "TAP-Win32 Adapter not configured properly...\n"); + return false; + } + + /* Open registry and look for network adapters */ + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, TAP_REGISTRY_KEY, 0, KEY_READ, &key)) + { + tun_log(LOG_ERR, "start", "Could not open the networking registry key\n"); + return false; + } + + for (i = 0; device_handle == INVALID_HANDLE_VALUE; i++) + { + len = sizeof(adapterid); + if (RegEnumKeyEx(key, i, adapterid, &len, 0, 0, 0, NULL)) break; + + snprintf(tapname, sizeof(tapname), TAP_DEVICE_DIR "%s.tap", adapterid); + tun_log(LOG_DEBUG, "start", "Trying %s\n", tapname); + device_handle = CreateFile(tapname, GENERIC_WRITE | GENERIC_READ, 0, 0, OPEN_EXISTING, FILE_ATTRIBUTE_SYSTEM | FILE_FLAG_OVERLAPPED, 0); + + if (device_handle != INVALID_HANDLE_VALUE) + { + unsigned long status, info[3] = {0,0,0}; + + /* get driver version info */ + if (DeviceIoControl(device_handle, TAP_IOCTL_GET_VERSION, &info, sizeof(info), &info, sizeof(info), &len, NULL)) + { + D(tun_log(LOG_DEBUG, "start", "TAP-Win32 Driver Version %d.%d %s", (int)info[0], (int)info[1], info[2] ? 
"(DEBUG)" : "")); + } + + if (!(info[0] > TAP_WIN32_MIN_MAJOR || (info[0] == TAP_WIN32_MIN_MAJOR && info[1] >= TAP_WIN32_MIN_MINOR))) + { + tun_log(LOG_ERR, "start", "A TAP-Win32 driver is required that is at least version %d.%d -- If you recently upgraded your Tap32 driver, a reboot is probably required at this point to get Windows to see the new driver.", TAP_WIN32_MIN_MAJOR, TAP_WIN32_MIN_MINOR); + CloseHandle(device_handle); + device_handle = INVALID_HANDLE_VALUE; + continue; + } + + /* Note: we use TAP mode on Windows, not TUN */ + + /* Try to mark the device as 'up */ + status = true; + DeviceIoControl(device_handle, TAP_IOCTL_SET_MEDIA_STATUS, &status, sizeof(status), &status, sizeof(status), &len, NULL); + } + } + + RegCloseKey(key); + + if (device_handle == INVALID_HANDLE_VALUE) + { + tun_log(LOG_ERR, "start", "No working Tap device found!\n"); + return false; + } + +#endif /* _WIN32 */ + + /* Launch a thread for reader */ +#ifndef _WIN32 + pthread_create(&thread, NULL, tun_reader, (void *)tun); +#else + h = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)tun_reader, tun, 0, &pID); +#endif + + /* We now return, the real tunneling tool can call tun_write() when it wants */ + + return true; +} diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/common/tun.h /tmp/0dDlfsosXk/aiccu-20070115/common/tun.h --- /tmp/h6kCLsMZDY/aiccu-20050131/common/tun.h 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/common/tun.h 2006-07-18 23:24:30.000000000 +0200 
@@ -0,0 +1,45 @@
+/**********************************************************
+ SixXS - Automatic IPv6 Connectivity Configuration Utility
+***********************************************************
+ Copyright 2003-2005 SixXS - http://www.sixxs.net
+***********************************************************
+ common/tun.h - Tunnel Device Handling
+***********************************************************
+ $Author: jeroen $
+ $Id: tun.h,v 1.3 2006-07-13 19:33:39 jeroen Exp $
+ $Date: 2006-07-13 19:33:39 $
+**********************************************************/
+
+#ifndef TUN_H
+#define TUN_H "H5K7:W3NDY5UU5N1K1N1C0l3"
+
+#include "common.h"
+
+#ifdef _WIN32
+/* Windows writev() support */
+struct iovec
+{
+ u_long iov_len;
+ char *iov_base;
+};
+
+int writev(SOCKET sock, const struct iovec *vector, DWORD count);
+void tun_list_tap_adapters(void);
+#endif
+
+#ifndef _WIN32
+ typedef void (*TUN_PROCESS)(char *, unsigned int);
+#else
+ typedef void (*TUN_PROCESS)(char *, unsigned int);
+#endif
+
+struct tun_reader
+{
+ TUN_PROCESS function;
+};
+
+void tun_write(char *buf, unsigned int length);
+bool tun_start(struct tun_reader *tun);
+
+#endif /* TUN_H */
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.config /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.config
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.config 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.config 2007-03-11 14:29:25.000000000 +0100
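Review bot: The prototype `void tun_write(char *buf, unsigned int length);` in common/tun.h states no upper bound for `length`, yet the Windows body added to common/tun.c in this same diff does `memcpy(&mbuf[sizeof(*eth)],buf,length);` into `unsigned char mbuf[4096]` with no check. A packet longer than `sizeof(mbuf) - sizeof(*eth)` would write past that stack buffer, so the limit belongs on the declaration, e.g. `/* length must be <= 4096 - sizeof(struct ether); longer packets are dropped */`, with a matching guard before the memcpy, `if (length > sizeof(mbuf) - sizeof(*eth)) return;`. Whether the callers already cap the packet size is not visible in this part of the diff. The `#ifndef _WIN32`/`#else` pair around `TUN_PROCESS` declares the identical typedef twice and can be reduced to a single line.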
@@ -0,0 +1,168 @@
+#!/bin/bash
+
+CONFIGFILE=/etc/aiccu.conf
+TMPCONF=/etc/aiccu.conf.$$.dpkg-tmp
+TMPFILE=/etc/aiccu.temp.$$.dpkg-tmp
+BINARY=/usr/sbin/aiccu
+
+# Note: the two temp files are placed in /etc thus should be symlink-attack safe
+
+if [ ! -x $BINARY ]; then
+ # Can't configure yet as we don't have our binary yet
+ exit 0;
+fi
+
+# Make sure that files we create are not readable by anyone but us (root)
+umask 077
+
+. /usr/share/debconf/confmodule
+
+if [ -e $CONFIGFILE ]; then
+ USERNAME=$(grep ^username $CONFIGFILE | awk '{print $2}')
+ PASSWORD=$(grep ^password $CONFIGFILE | awk '{print $2}')
+ PROTO=$(grep ^protocol $CONFIGFILE | awk '{print $2}')
+ SERVER=$(grep ^server $CONFIGFILE | awk '{print $2}')
+ TUNNEL=$(grep ^tunnel_id $CONFIGFILE | awk '{print $2}')
+
+ if [ "$USERNAME" != "" ]; then
+ db_set aiccu/username "$USERNAME"
+ fi
+
+ if [ "$PASSWORD" != "" ]; then
+ db_set aiccu/password "$PASSWORD"
+ fi
+
+ if [ "$PROTO" != "" -a "$SERVER" != "" ]; then
+ db_set aiccu/brokername "$PROTO://$SERVER"
+ fi
+
+ if [ "$TUNNEL" != "" ]; then
+ db_set aiccu/tunnelname "$TUNNEL"
+ fi
+fi
+
+
+db_reset aiccu/badauth
+
+#
+# State What
+# 1 Get Tunnel Brokername
+# 2 Get User/pass
+# 3 Get Tunnel ID
+# 4 Exit
+
+STATE=1
+while [ $STATE -ge 1 -a $STATE -le 3 ]; do
+
+ case "$STATE" in
+ 1)
+ # Fetch the list of tunnel brokers
+ BROKERS=$($BINARY brokers | sort >$TMPFILE)
+
+ if [ "$?" != "0" ]; then
+ # No TunnelBrokers found
+ db_input high aiccu/nobrokers || true
+ echo "No brokers"
+ else
+ # Found Tunnel brokers, present them to the user
+ BROKERS=$(cat $TMPFILE | cut -f1 -d'|' | awk '{print $0","}')
+ BROKERS=$(echo -n $BROKERS | sed 'N;s/\n//g' | sed 's/,$//g')
+ db_subst aiccu/brokername brokers "$BROKERS"
+ db_fset aiccu/brokername seen false
+ db_input high aiccu/brokername || true
+ db_go || true
+ fi
+
+ # Remove temporary file
+ rm $TMPFILE
+ ;;
+
+ 2)
+ # Request User / Pass
+ db_input high aiccu/username || true
+ db_input high aiccu/password || true
+ db_go || true
+ ;;
+
+ 3)
+ # Reset our temp config file
+ echo "# Temporary AICCU config written by debconf" > $TMPCONF
+ #echo "verbose true" >> $TMPCONF
+
+ # Take the Protocol and server from the Brokername
+ db_get aiccu/brokername
+ URL=$($BINARY brokers | grep "$RET")
+ PROTO=$(echo $URL | cut -f2 -d'|' | cut -f1 -d:)
+ SERVER=$(echo $URL | cut -f2 -d'|' | cut -f3 -d/)
+
+ echo "protocol $PROTO" >> $TMPCONF
+ echo "server $SERVER" >> $TMPCONF
+
+ db_get aiccu/username
+ USERNAME="$RET"
+
+ db_get aiccu/password
+ PASSWORD="$RET"
+
+ # Try to get the tunnels using the provided user/pass
+ if [ "$USERNAME" != "" -a "$PASSWORD" != "" ]; then
+ echo "username $USERNAME" >> $TMPCONF
+ echo "password $PASSWORD" >> $TMPCONF
+
+ TUNNELS=$($BINARY tunnels $TMPCONF >$TMPFILE)
+
+ if [ "$?" != "0" ]; then
+ db_input high aiccu/badauth || true
+ else
+ db_set aiccu/badauth "false"
+
+ TUNNELS=$(cat $TMPFILE | cut -f1 -d' ' | awk '{print $0","}')
+ TUNNELS=$(echo -n $TUNNELS | sed 'N;s/\n//g' | sed 's/,$//g')
+
+ if [ "$TUNNELS" = "" ]; then
+ db_input high aiccu/notunnels || true
+ else
+ db_subst aiccu/tunnelname tunnels "$TUNNELS"
+ db_input high aiccu/tunnelname || true
+ db_go || true
+ fi
+ fi
+
+ # Remove temporary file
+ rm $TMPFILE
+ else
+ db_set aiccu/badauth "false"
+ fi
+
+ # Remove the temporary as we don't need it anymore
+ rm $TMPCONF
+ ;;
+ esac
+
+ db_go
+
+ case "$STATE" in
+ 1)
+ STATE=2
+ ;;
+ 2)
+ STATE=3
+ ;;
+ 3)
+ db_get aiccu/badauth
+
+ # When badly authenticated do it all over
+ if [ "$RET" = "true" ]; then
+ STATE=1
+ db_reset aiccu/brokername
+ db_reset aiccu/username
+ db_reset aiccu/password
+ db_reset aiccu/tunnelname
+ else
+ STATE=4
+ fi
+ db_reset aiccu/badauth
+ ;;
+ esac
+done
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.manpages /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.manpages
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.manpages 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.manpages 2005-05-21 19:48:53.000000000 +0200
@@ -0,0 +1 @@
+doc/aiccu.1
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.postinst /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.postinst
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.postinst 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.postinst 2007-03-11 14:29:25.000000000 +0100
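Review bot: In debian/aiccu.config, state 1, the `$?` test after `BROKERS=$($BINARY brokers | sort >$TMPFILE)` sees the exit status of `sort`, not of `aiccu`, so a failed broker fetch would fall through to the broker menu with an empty list instead of raising `aiccu/nobrokers`. The script runs under `#!/bin/bash`, so `set -o pipefail` next to the `umask 077` line, or testing `[ ! -s "$TMPFILE" ]` instead of `$?`, restores the check. State 3 also writes the account password in clear text to `$TMPCONF` and removes it only on the normal path; a `trap 'rm -f "$TMPCONF" "$TMPFILE"' EXIT` placed after the confmodule line would remove it when the script is aborted as well. The existing `umask 077` already keeps both files root-only while they exist.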
@@ -0,0 +1,119 @@
+#!/bin/bash -e
+
+CONFIGFILE="/etc/aiccu.conf"
+TMPCONF=/etc/aiccu.conf.dpkg-tmp
+EXAMPLE=/usr/share/doc/aiccu/examples/aiccu.conf
+CTLINFO="# Under control from debconf, please use 'dpkg-reconfigure aiccu' to reconfigure"
+BINARY=/usr/sbin/aiccu
+
+. /usr/share/debconf/confmodule
+
+db_get aiccu/username
+USERNAME="$RET"
+
+db_get aiccu/password
+PASSWORD="$RET"
+
+AICCUOUT=$($BINARY brokers)
+
+db_get aiccu/brokername
+URL=$(echo "$AICCUOUT" | grep "$RET")
+PROTO=$(echo $URL | cut -f2 -d'|' | cut -f1 -d:)
+SERVER=$(echo $URL | cut -f2 -d'|' | cut -f3 -d/)
+
+db_get aiccu/tunnelname
+TUNNEL="$RET"
+
+db_stop
+
+if [ "$USERNAME" = "" ]; then
+ # Not configured yet, thus skip
+ exit 0;
+fi
+
+# Defaults when nothing gets chosen
+# This might happen because of broken DNS
+if [ "$PROTO" = "" ]; then
+ PROTO="tic"
+fi
+
+if [ "$SERVER" = "" ]; then
+ SERVER="tic.sixxs.net"
+fi
+
+# Make sure that files we create are not readable by anyone but us (root)
+umask 077
+
+# Check if the /etc/aiccu.conf is actually the example
+if [ diff -q $EXAMPLE $CONFIGFILE 2>/dev/null >/dev/null ]; then
+ DEFAULTCONFIG="true"
+else
+ DEFAULTCONFIG="false"
+fi
+
+# Install a default config when it didn't exist yet or it is the same as the example
+# bash uses '==', dash uses '=', thus use '!=' as that is the same
+if [ "$DEFAULTCONFIG" != "false" -o ! -e "$CONFIGFILE" ]; then
+
+ # Note that it is under debconf control
+ echo $CTLINFO >> $TMPCONF
+
+ # Replace the example lines so that they become normals
+ sed -e "s/^#username .*/username $USERNAME/; s/^#password .*/password $PASSWORD/; s/^#protocol .*/protocol $PROTO/; s/^#server .*/server $SERVER/; s/^#tunnel_id .*/tunnel_id $TUNNEL/;" < $EXAMPLE >> $TMPCONF
+
+# Modify the existing one
+else
+ # Note that it is under debconf control
+ if ! grep -q "^$CTLINFO" $CONFIGFILE; then
+ echo $CTLINFO >> $TMPCONF >>$TMPCONF
+ fi
+
+ # Make sure that all the variables can be stored somewhere
+ if ! grep -q "^username" $CONFIGFILE; then
+ if [ "$USERNAME" != "" ]; then
+ echo "username $USERNAME" >> $TMPCONF
+ fi
+ fi
+
+ if ! grep -q "^password" $CONFIGFILE; then
+ if [ "$PASSWORD" != "" ]; then
+ echo "password $PASSWORD" >> $TMPCONF
+ fi
+ fi
+
+ if ! grep -q "^protocol" $CONFIGFILE; then
+ if [ "$PROTO" != "" ]; then
+ echo "protocol $PROTO" >> $TMPCONF
+ fi
+ fi
+ if ! grep -q "^server" $CONFIGFILE; then
+ if [ "$SERVER" != "" ]; then
+ echo "server $SERVER" >> $TMPCONF
+ fi
+ fi
+
+ if ! grep -q "^tunnel_id" $CONFIGFILE; then
+ if [ "$TUNNEL" != "" ]; then
+ echo "tunnel_id $TUNNEL" >> $TMPCONF
+ fi
+ fi
+
+ sed -e "s/^username .*/username $USERNAME/; s/^password .*/password $PASSWORD/; s/^protocol .*/protocol $PROTO/; s/^server .*/server $SERVER/; s/^tunnel_id .*/tunnel_id $TUNNEL/;" < $CONFIGFILE >> $TMPCONF
+fi
+
+# Move it into place
+mv -f $TMPCONF $CONFIGFILE
+# Just in case, make sure the permissions are perfect and dandy
+chmod 600 $CONFIGFILE
+
+# The init script is not in debian/aiccu.init, so we need to take of
+# update-rc.d by ourselves
+if [ "$1" = "configure" ]
+then
+ invoke-rc.d aiccu stop
+ update-rc.d aiccu defaults 16 80 >/dev/null
+ invoke-rc.d aiccu start
+fi
+
+#DEBHELPER#
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.postrm /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.postrm
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.postrm 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.postrm 2007-03-11 14:29:25.000000000 +0100
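Review bot: In debian/aiccu.postinst both `sed -e "s/^#username .*/username $USERNAME/; …"` calls paste the debconf answers straight into the sed program, so a password or username containing `/`, `&` or `\` is read as sed syntax rather than data; the root-run script then either aborts under `bash -e` or writes something other than the entered value into /etc/aiccu.conf. Pass escaped copies to the two sed expressions only, for instance with a helper `esc() { printf '%s\n' "$1" | sed 's/[\/&]/\\&/g'; }` and `$(esc "$PASSWORD")` in place of `$PASSWORD`, keeping the raw values for the `echo "password $PASSWORD"` lines. Separately, `if [ diff -q $EXAMPLE $CONFIGFILE 2>/dev/null >/dev/null ]; then` hands those words to `test` instead of running diff, so `DEFAULTCONFIG` can never become "true"; `if diff -q "$EXAMPLE" "$CONFIGFILE" >/dev/null 2>&1; then` is what the comment above it describes.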
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+#DEBHELPER#
+
+# There is currently no init script handling through debhelper due to the
+# non-standard location of the script within the source tree.
+if [ "$1" = "purge" ]
+then
+ update-rc.d aiccu remove >/dev/null
+fi
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.preinst /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.preinst
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/aiccu.preinst 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/aiccu.preinst 2005-05-21 19:48:53.000000000 +0200
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/changelog /tmp/0dDlfsosXk/aiccu-20070115/debian/changelog
--- /tmp/h6kCLsMZDY/aiccu-20050131/debian/changelog 2007-03-11 14:29:25.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/debian/changelog 2007-03-11 14:29:25.000000000 +0100
@@ -1,6 +1,217 @@ -aiccu (20050131-1) unstable; urgency=low +aiccu (20070115-1) unstable; urgency=low - * Initial release + * Upload package with me as an interim maintainer. Anand orphaned this + package in private mail to me. (Closes: #407026) + * Upload to `main' because of licence change in 20070107. + (Closes: #388759) + * New upstream version with the packaging based upon the one provided + by upstream in the source tarball. aiccu is now up-to-date which + should fix issues when connecting to SixXS. + (Closes: #405606, #405610, #379766) + * Slight packaging changes: I made the packaging non-native and changed + some permission bits, dependencies and files to conform to the + Debian standards and to fix various Lintian warnings and errors. + Please see the diff for details. + * The amd64 binary package is included in the upload. + (Closes: #366002) - -- Anand Kumria Mon, 27 Mar 2006 07:56:20 +1100 + -- Philipp Kern Wed, 7 Feb 2007 02:51:36 +0100 +aiccu (20070115) stable; urgency=medium + * Fixup in Debian init script (based on original patch by Bernhard Schmidt). + * Change in redirections so that errors don't show in debconf menu's etc. + * NetBSD fixes as there is not always a Tunnel Device that + supports IPv6 (thanks to Geert Hendrickx). + * Gentoo ebuild update, adding depends and require ntp-client. + * RPM spec update, add build-requirement. + * Check return values of system commands. + * Added a big warning about running AICCU from Daemontools and similar + programs which run AICCU in a loop, thus hammering the TIC server. + * Be a bit smarter in checking for support of IPv6. + + -- Jeroen Massar Mon, 15 Jan 2007 11:00:42 +0000 + +aiccu (20070107) stable; urgency=high + * 2007 Edition of AICCU. + * License change to standard 3-clause BSD license. + With thanks to Theo de Raadt, Marco d'Itri and Philipp Kern for + their wise words and reasoning for coming to this decision. + * High urgency because of the above and it fixing large problems. 
+ * Fixed Mac OS X / Darwin support on the MacBookPro of Pim van Pelt. + * Added MTU, from TIC, configuration on most platforms. + * Fixed up silly linux bug, adding LL address to tunnels but not to tun/taps. + * Removed Win32 Alpha Endianess (reported by Christian Weisgerber). + * Fixed up alignment error in parseline() (reported by Christian Weisgerber). + * OpenBSD 4.0 support (patch provided by Christian Weisgerber). + * OpenBSD AYIYA fixup (patch provided by Pim van Pelt). + * Fedora/RPM init script fixup (bash case's don't fall through) + reported and patch supplied by Matt Domsch. + * NetBSD AYIYA support (noted by Tobias Riediger) + Works on NetBSD 4.x, for NetBSD 3.0 one needs to patch tun/tap to + support IPv6. Patch is available from the archives. + * local_ipv4_override option so one can use AICCU behind a NAT that + has been configured correctly to do proto-41 forwarding. This is + usually called a DMZ setup. + + -- Jeroen Massar Sun, 07 Jan 2007 14:00:42 +0000 + +aiccu (20060806) stable; urgency=low + * Changelog version format change as the 'official' (before there where + legal issues as they don't understand the word 'SHOULD' which is cleary + defined in the IETF and now somebody simply uploaded it anyway it without + even asking or notifying us about it) debian packages which are broken, + old and unsupported would seem newer and thus this new version would not + get updated to even when folks would have the official AICCU repository + in their sources.list. This solves that issue. + * pidfile fixup and configuration parameter. + * Corrected Broker selection in debconf. + * Configuration file rewriting by debconf is now done in a 'nice' way. + + -- Jeroen Massar Sun, 6 Aug 2006 13:56:42 +0100 + +aiccu (2006-07-25) stable; urgency=low + * DragonFlyBSD fix + + -- Jeroen Massar Tue, 25 Jul 2006 11:22:42 +0100 + +aiccu (2006-07-23) stable; urgency=low + * The Nina'th release. 
+ * Verified AYIYA support on Windows, OpenBSD, FreeBSD and Linux ia32/AMD64/armeb. + * Disabled TSP and L2TP (Teepee) support as they are not finished. + * No more IPv4 interface as it is not used anymore. + * On AIX we now compile with xlc_r. + * Retrieves Tunnel Brokers from _aiccu. and from _aiccu.sixxs.net. + + -- Jeroen Massar Sun, 23 Jul 2006 16:48:42 +0100 + +aiccu (2006-07-13) stable; urgency=low + * Added no-configure and defaultroute options. + * AYIYA now forks so that AYIYA heartbeats work. + * Ctrl-C handling + * Protocol and server can be specified in configuration file + * AYIYA fixes: header alignment, Win32 TAP 8.1 support + * TAP listing using --listtaps (windows) + * Confuration can now be saved using a menu entry in the GUI (windows) + * TAP interface renaming when it's the only TAP and name not in the config (windows) + * Fedora fixes by Matt Domsch + + -- Jeroen Massar Thu, 13 Jul 2006 22:42:42 +0100 + +aiccu (2006-03-10) stable; urgency=low + * Changed Debian start/stop priority as noted by Mario 'BitKoenig' Holbe. + They now match openvpn/pppd etc. + + -- Jeroen Massar Fri, 10 Mar 2006 21:24:42 +0100 + +aiccu (2005-12-05) stable; urgency=low + * DragonFlyBSD (uses the FreeBSD4 interface) added as noted by Geert Hendrickx. + + -- Jeroen Massar Sun, 14 Aug 2005 14:10:42 +0200 + +aiccu (2005-08-14) stable; urgency=low + * Mac OS X typo-fix (reported by Wim Biemolt) + * GNUTLS support. TIC will go over TLS avoiding cleartext + negotiations where possible. + * Heartbeat stop & start per signal (requested by Peter Bieringer) + * AYIYA Heartbeating. + * L2TPv2 Support. + * TSP Support. 
+ * Gary Coady's Debian/Ubuntu update: + * Use dpkg-buildpackage to generate deb files + * Remove configuration checks from Debian init script + * Use common print functions in Debian init script + * Add 'tunnels' parameter to aiccu, which reports available tunnels + * Return non-zero exit code if unable to successfully authenticate + to POP + * Log to stderr instead of stdout + * Send signal 0 to existing aiccu binary instead of SIGHUP + * Add debconf support + Thanks to Gary for these very nice addons! + * Added OpenBSD PortInfo by Thomas Kaschwig + * Added Makefile changes to support FreeBSD6, noted by Meno Abels + * Added _NETBSD_SOURCE define as mentioned by Maarten Dammers + * Changed aiccu_kame to do configuration differently depending + if the interface is a proto-41 one or a tun device. + * Solaris and AIX support + Endian Fixes. + * 'version' option for unix_console. + * 64bit fixes + compilation check against a big number of platforms. + * Multiple Tunnelbrokers Support using TXT records from _aiccu.sixxs.net DNS. 
+ * AYIYA Port number set to 5072 (IANA assigned) + + -- Jeroen Massar Sun, 14 Aug 2005 14:10:42 +0200 + +aiccu (2005-01-31) stable; urgency=low + * Full integration of AYIYA, thus normal request procedures + * Version -gui/-console correction + * FreeBSD/Darwin route fixes (reported by Peter van Dijk) + * Windows: New POP logos added + * Linklocals for AYIYA tunnels making MLD and thus multicast + work (reported by Marco d'Itri) + * fflush() during non-syslog logging so that AICCU logs + correctly when run from daemontools (Peter van Dijk) + + -- Jeroen Massar Mon, 31 Jan 2005 20:29:42 +0100 + +aiccu (2005-01-09) stable; urgency=low + + * Mum's birthday release + * MacOS X support (Marc Kramis) + * DEBUG messages are not logged anymore + * OpenBSD 2.x/3.x support (Wouter van Hemel) + * Don't overwrite config when doing a 'make install' (Wouter van Hemel) + * Manual page (Antonio Ospite) + * Windows Configuration directory based on GetWindowsDirectory() + (reported by Thomas B. Ruecker) + * Windows NAT message fix (reported by Thomas B. 
Ruecker) + + -- Jeroen Massar Sun, 9 Jan 2005 09:00:42 +0100 + +aiccu (2004-09-17-beta2b) stable; urgency=low + + * OpenBSD fixes (AO) + * debian/rules debclean - now calls the correct clean (A0) + * Debian dependency on iproute (MdI) + * Gentoo Port (Thorsten Becker) + + -- Jeroen Massar Sun, 12 Sep 2004 10:24:42 +0100 + +aiccu (2004-09-09-beta2a) stable; urgency=low + + * Compile with pendantic, removing C++ "//" comments (AO) + * Debian fixes: file permissions, distclean (AO) + * rc.d addon (AO) + * Remove superfluous CVS dirs (AO) + * init script fix specifying 'start' (RS) + * RPM_OPT_FLAGS passing (RS) + * License fixes, making it more open (PvD & MdI) + * RPM package (RS) + * FreeBSD 4.x + 5.x port (MA) + * Many more fixes and cleanups (JM) + Who/what: + * AO = Antonio Ospite + * RS = Robert Schiele + * PvD = Peter van Dijk + * MdI = Marco d'Itri + * MA = Meno Abels + * JM = Jeroen Massar + + -- Jeroen Massar Thu, 09 Sep 2004 10:24:42 +0100 + +aiccu (2004-08-30-beta2) stable; urgency=low + + * Updated LICENSE which should now be 100% free(tm) + * Local-IP fix when using heartbeat tunnels + + -- Jeroen Massar Mon, 30 Aug 2004 21:26:42 +0100 + +aiccu (2004-08-29-beta2) stable; urgency=low + + * Brand spanking new AICCU + * Compiles both on Windows and UNIX + * Supports: + - TIC + - 6in4-static + - 6in4-heartbeat + - AYIYA + + -- Jeroen Massar Sun, 29 Aug 2004 20:55:42 +0100 diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/compat /tmp/0dDlfsosXk/aiccu-20070115/debian/compat --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/compat 2007-03-11 14:29:25.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/compat 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -4 diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/control /tmp/0dDlfsosXk/aiccu-20070115/debian/control --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/control 2007-03-11 14:29:25.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/control 2007-03-11 14:29:25.000000000 +0100 
@@ -1,21 +1,18 @@ Source: aiccu -Section: non-free/net -Priority: extra -Maintainer: Anand Kumria -Build-Depends: debhelper (>> 4.0.0) -Standards-Version: 3.6.1.0 +Section: net +Priority: optional +Maintainer: Philipp Kern +Build-Depends: debhelper (>= 4.0.0), po-debconf, libgnutls-dev +Standards-Version: 3.7.2 Package: aiccu Architecture: any -Depends: ${shlibs:Depends}, iputils-ping, iputils-tracepath, iproute +Depends: ${shlibs:Depends}, iputils-ping, iputils-tracepath, iproute, debconf, lsb-base +Recommends: ntpdate | ntp Description: SixXS Automatic IPv6 Connectivity Client Utility This client automatically gives one IPv6 connectivity without having to manually configure interfaces etc. - . - You require a SixXS account and must configure it with at least - one tunnel. Accounts are freely available from the non-profit - SixXS organisation. - . + One does need a SixXS account and at least a tunnel. These + can be freely & gratis requested from the SixXS website. For more information about SixXS check http://www.sixxs.net - . - Homepage: http://www.sixxs.net/tools/aiccu/ + diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/copyright /tmp/0dDlfsosXk/aiccu-20070115/debian/copyright --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/copyright 2007-03-11 14:29:25.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/copyright 2007-03-11 14:29:25.000000000 +0100 
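Review bot: The new `Depends` line hard-codes `debconf` instead of using `${misc:Depends}`, which dh_installdebconf fills in; the debian/substvars section later in this diff shows it expanding to `debconf (>= 0.5) | debconf-2.0`. As written, the versioned constraint and the `debconf-2.0` alternative are both lost. `Depends: ${shlibs:Depends}, ${misc:Depends}, iputils-ping, iputils-tracepath, iproute, lsb-base` keeps them. The hunk also drops the ` .` paragraph separators from the long description, so it now renders as one run-on paragraph.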
@@ -1,57 +1,36 @@ -This package was debianized by Anand Kumria on -Mon, 27 Mar 2006 07:56:20 +1100 +The source for this package was downloaded from +. -It was downloaded from: - +Upstream Author: Jeroen Massar et al. -Upstream Author: Jeroen Massar +Copyright 2003-2005 SixXS - http://www.sixxs.net -Copyright: - -[ summary: BSD-like but with two clauses (4) and (5) which make aiccu non-free ] - -Copyright (C) SixXS -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -3. Neither the name of SixXS nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior permission. -4. One should not remove any reference to, or logo of, SixXS. -5. When the software is altered to not use SixXS services, one is kindly - asked to notify SixXS of this by sending an email to the SixXS Staff - at info@sixxs.net, containing at least the following details: - 8<-------- - Organisation : Organisation Name - Email : mailbox@example.com - Website : http://www.example.com - is using software for: - < - description of: - the usage - the reason why it was modified - > - -------->8 - Additional information details may of course be provided. - We request this to be able to know why people would choose not to - use the services provided by SixXS and the participating ISP's. 
- -THIS SOFTWARE IS PROVIDED BY SIXXS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL SIXXS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. + The SixXS License - http://www.sixxs.net/ + + Copyright (C) SixXS Staff + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of SixXS nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior permission. + + THIS SOFTWARE IS PROVIDED BY SIXXS AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. 
IN NO EVENT SHALL SIXXS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/dirs /tmp/0dDlfsosXk/aiccu-20070115/debian/dirs --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/dirs 2004-08-22 14:52:50.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/dirs 2006-08-06 18:11:29.000000000 +0200 @@ -1 +1,2 @@ usr/sbin +etc diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/po/POTFILES.in /tmp/0dDlfsosXk/aiccu-20070115/debian/po/POTFILES.in --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/po/POTFILES.in 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/po/POTFILES.in 2007-03-11 14:29:25.000000000 +0100 @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/po/templates.pot /tmp/0dDlfsosXk/aiccu-20070115/debian/po/templates.pot --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/po/templates.pot 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/po/templates.pot 2007-03-11 14:29:25.000000000 +0100 
@@ -0,0 +1,113 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: pkern@debian.org\n" +"POT-Creation-Date: 2007-02-07 02:41+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Username:" +msgstr "" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"To successfully connect, you must have a valid username. This is the same as " +"the handle you use to log into the website." +msgstr "" + +#. Type: password +#. Description +#: ../templates:2001 +msgid "Password:" +msgstr "" + +#. Type: password +#. Description +#: ../templates:2001 +msgid "" +"To successfully connect, you must have a valid password. This is the same " +"password you use to log into the website." +msgstr "" + +#. Type: select +#. Description +#: ../templates:3001 +msgid "Tunnel Broker:" +msgstr "" + +#. Type: select +#. Description +#: ../templates:3001 +msgid "Select the Tunnel Broker you would like to use." +msgstr "" + +#. Type: select +#. Description +#: ../templates:4001 +msgid "Tunnel Name:" +msgstr "" + +#. Type: select +#. Description +#: ../templates:4001 +msgid "" +"If you have more than one tunnel configured in your account, you must " +"specify which tunnel should be activated." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "Recheck authentication details?" +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:5001 +msgid "" +"You most likely have given bad authentication details. Try to login through " +"the website of the Tunnel Broker or contact them to ask about problems." 
+msgstr "" + +#. Type: note +#. Description +#: ../templates:6001 +msgid "No Tunnel Brokers available" +msgstr "" + +#. Type: note +#. Description +#: ../templates:6001 +msgid "" +"No Tunnel Brokers could be retrieved from DNS (_aiccu + _aiccu.sixxs.net) " +"this most likely indicates a DNS configuration problem." +msgstr "" + +#. Type: note +#. Description +#: ../templates:7001 +msgid "No tunnels available" +msgstr "" + +#. Type: note +#. Description +#: ../templates:7001 +msgid "" +"You currently have no tunnels available. Please go to the SixXS website at " +"http://www.sixxs.net/ to request a tunnel for your account." +msgstr "" diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/postrm.debhelper /tmp/0dDlfsosXk/aiccu-20070115/debian/postrm.debhelper --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/postrm.debhelper 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/postrm.debhelper 2006-07-25 11:29:12.000000000 +0200 @@ -0,0 +1,6 @@ +# Automatically added by dh_installdebconf +if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + db_purge +fi +# End automatically added section diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/rules /tmp/0dDlfsosXk/aiccu-20070115/debian/rules --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/rules 2007-03-11 14:29:25.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/rules 2007-03-11 14:29:25.000000000 +0100 @@ -7,7 +7,7 @@ #export DH_VERBOSE=1 # This is the debhelper compatability version to use. -#export DH_COMPAT=3 +export DH_COMPAT=4 configure: configure-stamp configure-stamp: @@ -17,7 +17,7 @@ build: build-stamp -build-stamp: configure-stamp +build-stamp: configure-stamp dh_testdir # Add here commands to compile the package. @@ -32,6 +32,9 @@ # Add here commands to clean up after the build process. -$(MAKE) clean + # Fix permissions of configuration file + chmod a-x `pwd`/doc/aiccu.conf + dh_clean install: build 
@@ -42,8 +45,8 @@ # Add here commands to install the package into debian/aiccu $(MAKE) DESTDIR=`pwd`/debian/aiccu install - # Install the default configuration file - cp doc/aiccu.conf `pwd`/debian/aiccu/etc/aiccu.conf + # The license is already duplicated in debian/copyright + rm `pwd`/debian/aiccu/usr/share/doc/aiccu/LICENSE # Build architecture-independent files here. binary-indep: build install @@ -53,27 +56,22 @@ binary-arch: build install dh_testdir dh_testroot -# dh_installdebconf + dh_installdebconf dh_installdocs - dh_installexamples + dh_installexamples doc/aiccu.conf dh_installmenu # dh_installlogrotate -# dh_installemacsen -# dh_installpam -# dh_installmime - dh_installinit -o --update-rcd-params="start 41 S ." dh_installcron - dh_installman doc/aiccu.1 + dh_installman dh_installinfo # dh_undocumented - dh_installchangelogs + dh_installchangelogs dh_link dh_strip dh_compress dh_fixperms # dh_makeshlibs dh_installdeb -# dh_perl dh_shlibdeps dh_gencontrol dh_md5sums diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/substvars /tmp/0dDlfsosXk/aiccu-20070115/debian/substvars --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/substvars 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/substvars 2006-07-25 11:29:12.000000000 +0200 @@ -0,0 +1 @@ +misc:Depends=debconf (>= 0.5) | debconf-2.0 diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/debian/templates /tmp/0dDlfsosXk/aiccu-20070115/debian/templates --- /tmp/h6kCLsMZDY/aiccu-20050131/debian/templates 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/debian/templates 2007-03-11 14:29:25.000000000 +0100 
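Review bot: The added `rm` of the installed LICENSE has no `-f` and relies on an unquoted pwd substitution, so the install target fails if upstream stops shipping that file or the build path contains whitespace. `rm -f "$(CURDIR)/debian/aiccu/usr/share/doc/aiccu/LICENSE"` is sturdier. The same hunk removes the `cp` of doc/aiccu.conf into etc/, so whatever now creates /etc/aiccu.conf (not visible in this section) decides the mode of the file that holds the account password.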
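Review bot: `dh_installinit` is removed from binary-arch in the `@@ -53,27 +56,22 @@` hunk and nothing replaces it, so debhelper no longer generates the maintainer-script snippets that register and start the init script. If the script is now installed by the upstream `make install` and registered by hand-written maintainer scripts (neither is visible here), a comment such as `# init script: installed by upstream Makefile, registered in debian/postinst` at that spot would record it. Otherwise restore the call. The target continues outside the hunk.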
@@ -0,0 +1,43 @@
+Template: aiccu/username
+Type: string
+Default:
+_Description: Username:
+ To successfully connect, you must have a valid username. This is
+ the same as the handle you use to log into the website.
+
+Template: aiccu/password
+Type: password
+_Description: Password:
+ To successfully connect, you must have a valid password. This is
+ the same password you use to log into the website.
+
+Template: aiccu/brokername
+Type: select
+Choices: ${brokers}
+_Description: Tunnel Broker:
+ Select the Tunnel Broker you would like to use.
+
+Template: aiccu/tunnelname
+Type: select
+Choices: ${tunnels}
+_Description: Tunnel Name:
+ If you have more than one tunnel configured in your account, you must
+ specify which tunnel should be activated.
+
+Template: aiccu/badauth
+Type: boolean
+_Description: Recheck authentication details?
+ You most likely have given bad authentication details. Try to login through
+ the website of the Tunnel Broker or contact them to ask about problems.
+
+Template: aiccu/nobrokers
+Type: note
+_Description: No Tunnel Brokers available
+ No Tunnel Brokers could be retrieved from DNS (_aiccu + _aiccu.sixxs.net)
+ this most likely indicates a DNS configuration problem.
+
+Template: aiccu/notunnels
+Type: note
+_Description: No tunnels available
+ You currently have no tunnels available. Please go to the SixXS website
+ at http://www.sixxs.net/ to request a tunnel for your account.
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.1 /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.1
--- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.1 2007-03-11 14:29:25.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.1 2005-05-21 19:48:53.000000000 +0200
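Review bot: The `aiccu/password` template collects the account password through debconf, and nothing in this hunk shows what happens to the answer afterwards. The maintainer scripts that consume it are not part of this section, so confirm that they write /etc/aiccu.conf readable by root only and then drop the stored answer with `db_reset aiccu/password`, so the secret does not stay in the debconf database. The same text says the value is the password used to log into the website, which raises the cost of a leak beyond the tunnel itself.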
@@ -1,103 +1,56 @@ -.\" $Header: /cvsroot/sixxs/src/aiccu/doc/aiccu.1,v 1.1 2005/01/11 12:16:09 jeroen Exp $ -.\" -.\" transcript compatibility for postscript use. -.\" -.\" synopsis: .P! -.\" -.de P! -.fl -\!!1 setgray -.fl -\\&.\" -.fl -\!!0 setgray -.fl \" force out current output buffer -\!!save /psv exch def currentpoint translate 0 0 moveto -\!!/showpage{}def -.fl \" prolog -.sy sed \-e 's/^/!/' \\$1\" bring in postscript file -\!!psv restore -. -.de pF -.ie \\*(f1 .ds f1 \\n(.f -.el .ie \\*(f2 .ds f2 \\n(.f -.el .ie \\*(f3 .ds f3 \\n(.f -.el .ie \\*(f4 .ds f4 \\n(.f -.el .tm ? font overflow -.ft \\$1 -.. -.de fP -.ie !\\*(f4 \{\ -. ft \\*(f4 -. ds f4\" -' br \} -.el .ie !\\*(f3 \{\ -. ft \\*(f3 -. ds f3\" -' br \} -.el .ie !\\*(f2 \{\ -. ft \\*(f2 -. ds f2\" -' br \} -.el .ie !\\*(f1 \{\ -. ft \\*(f1 -. ds f1\" -' br \} -.el .tm ? font underflow -.. -.ds f1\" -.ds f2\" -.ds f3\" -.ds f4\" -'\" t -.ta 8n 16n 24n 32n 40n 48n 56n 64n 72n -.TH "AICCU" "8" -.SH "NAME" -AICCU \(em Automatic IPv6 Connectivity Configuration Utility -.SH "SYNOPSIS" -.PP -\fBaiccu \fR [\fIconfig\fR] -.SH "DESCRIPTION" -.PP -AICCU makes it very easy for anybody to get IPv6 connectivity -everywhere they want. It uses the TIC (Tunnel Information & Control) -protocol to request the information needed to setup a tunnel through -which the connectivity is created. - -AICCU supports the following tunneling protocols: -- 6in4 static (RFC 2893) -- 6in4 heartbeat (RFC 2893 + draft-massar-v6ops-heartbeat) -- tinc (http://www.tinc-vpn.org) -- AYIYA (draft-massar-v6ops-ayiya) - -As AYIYA even works from behind NAT's, thus unless there is a very -restrictive firewall in place, anybody should be able to get IPv6 -connectivity without problems and everywhere they want. -.SH "OPTIONS" -.IP "start" 10 -Starts aiccu service. - -.IP "stop" 10 -Stops aiccu service. 
- -.IP "test" 10 -Builds the connection and runs a simple selftest allowing a user -to report this back as it should show most obvious problems. - -.IP "autotest" 10 -Decription here - -.IP "license" 10 -Shows the license aiccu is released under. - -.IP "\fIconfig\fR" 10 -Read the configuration from \fIconfig\fR file. - -.SH "SEE ALSO" -.PP -The AICCU \fIpage (link to URL http://www.sixxs.net/tools/aiccu/) \fR at sixxs. - -.SH "AUTHOR" -.PP -AICCU was written by Jeroen Massar with contributions supplied a number of people as mentioned in the Changelog. -.\" created by instant / docbook-to-man, Sun 09 Jan 2005, 08:57 +.\" This manpage has been automatically generated by docbook2man +.\" from a DocBook document. This tool can be found at: +.\" +.\" Please send any bug reports, improvements, comments, patches, +.\" etc. to Steve Cheng . +.TH "AICCU" "1" "18 April 2005" "" "" + +.SH NAME +AICCU \- Automatic IPv6 Connectivity Configuration Utility +.SH SYNOPSIS + +\fBaiccu \fR \fB\fR [ \fB\fIconfig\fB\fR ] + +.SH "DESCRIPTION" +.PP +AICCU makes it very easy for anybody to get IPv6 connectivity +everywhere they want. It uses the TIC (Tunnel Information & Control) +protocol to request the information needed to setup a tunnel through +which the connectivity is created. +AICCU supports the following tunneling protocols: +- 6in4 static (RFC 2893) +- 6in4 heartbeat (RFC 2893 + draft-massar-v6ops-heartbeat) +- tinc (http://www.tinc-vpn.org) +- AYIYA (draft-massar-v6ops-ayiya) +As AYIYA even works from behind NAT's, thus unless there is a very +restrictive firewall in place, anybody should be able to get IPv6 +connectivity without problems and everywhere they want. +.SH "OPTIONS" +.TP +\fBstart\fR +Starts aiccu service. +.TP +\fBstop\fR +Stops aiccu service. +.TP +\fBtunnels\fR +Prints a list of currently available tunnels. +.TP +\fBtest\fR +Builds the connection and runs a simple selftest allowing a user +to report this back as it should show most obvious problems. 
+.TP +\fBautotest\fR +Decription here +.TP +\fBlicense\fR +Shows the license aiccu is released under. +.TP +\fB\fIconfig\fB\fR +Read the configuration from \fIconfig\fR file. +.SH "SEE ALSO" +.PP +The AICCU page at sixxs. +.SH "AUTHOR" +.PP +AICCU was written by Jeroen Massar with contributions supplied a number of people as mentioned in the Changelog. diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.conf /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.conf --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.conf 2005-01-09 17:15:19.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.conf 2007-01-15 12:17:31.000000000 +0100 
@@ -1,23 +1,78 @@ # AICCU Configuration -# Login information +# Login information (defaults: none) #username #password -# Interface names to use -ipv4_interface eth0 +# Protocol and server to use for setting up the tunnel (defaults: none) +#protocol +#server + +# Interface names to use (default: aiccu) +# ipv6_interface is the name of the interface that will be used as a tunnel interface. +# On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels +# or tunX (eg tun0) for AYIYA tunnels. ipv6_interface sixxs -# The tunnel_id to use +# The tunnel_id to use (default: none) # (only required when there are multiple tunnels in the list) -tunnel_id Txxxx +#tunnel_id Txxxx -# Be verbose? +# Be verbose? (default: false) verbose false -# Daemonize? +# Daemonize? (default: true) +# Set to false if you want to see any output +# When true output goes to syslog +# +# WARNING: never run AICCU from DaemonTools or a similar automated +# 'restart' tool/script. When AICCU does not start, it has a reason +# not to start which it gives on either the stdout or in the (sys)log +# file. The TIC server *will* automatically disable accounts which +# are detected to run in this mode. +# daemonize true -# Automatic? +# Automatic Login and Tunnel activation? automatic true +# Require TLS? +# When set to true, if TLS is not supported on the server +# the TIC transaction will fail. +# When set to false, it will try a starttls, when that is +# not supported it will continue. +# In any case if AICCU is build with TLS support it will +# try to do a 'starttls' to the TIC server to see if that +# is supported. 
+requiretls false + +# PID File +#pidfile /var/run/aiccu.pid + +# Add a default route (default: true) +#defaultroute true + +# Script to run after setting up the interfaces (default: none) +#setupscript /usr/local/etc/aiccu-subnets.sh + +# Make heartbeats (default true) +# In general you don't want to turn this off +# Of course only applies to AYIYA and heartbeat tunnels not to static ones +#makebeats true + +# Don't configure anything (default: false) +#noconfigure true + +# Behind NAT (default: false) +# Notify the user that a NAT-kind network is detected +#behindnat true + +# Local IPv4 Override (default: none) +# Overrides the IPv4 parameter received from TIC +# This allows one to configure a NAT into "DMZ" mode and then +# forwarding the proto-41 packets to an internal host. +# +# This is only needed for static proto-41 tunnels! +# AYIYA and heartbeat tunnels don't require this. +#local_ipv4_override + diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init 2004-09-01 12:11:51.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init 2006-08-06 18:29:11.000000000 +0200 @@ -27,6 +27,12 @@ exit 0; fi +# Verify that it is in daemonize mode, otherwise it won't ever return +if [ `grep -c "^daemonize true" /etc/aiccu.conf 2>/dev/null` -ne 1 ]; then + echo "AICCU is not configured to daemonize on run" + exit 0; +fi + if [ -f /etc/default/${NAME} ]; then . /etc/default/${NAME} fi diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.debian /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.debian --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.debian 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.debian 2006-08-06 20:22:28.000000000 +0200 
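Review bot: The sample configuration ships `requiretls false`, and the comment added above it states that in this mode a failed `starttls` is followed by continuing without TLS. Since the same file carries `username` and `password`, a network path on which STARTTLS is unavailable or suppressed lets the TIC negotiation proceed unprotected without any notice to the user. Shipping `requiretls true` for TLS-enabled builds would close that; failing that, add a line such as `# WARNING: with requiretls false the TIC login may proceed without TLS` next to the option.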
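Review bot: The added daemonize check in doc/aiccu.init compares an unquoted `grep -c` substitution with `-ne 1`, so when grep prints nothing (for example an unreadable file) `[` gets an empty operand, errors out, and the script carries on as if the check had passed. It also reports a config as non-daemonizing when the option appears twice or, if the parser accepts it, is written with a tab. `if ! grep -Eq '^daemonize[[:space:]]+true' /etc/aiccu.conf 2>/dev/null; then` tests the condition directly. The same pattern is used for `^username` and `^daemonize true` in the new doc/aiccu.init.debian; the rest of this script lies outside the hunk.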
@@ -0,0 +1,69 @@
+#! /bin/sh
+#
+# /etc/init.d/aiccu: start / stop AICCU
+#
+# Jeroen Massar
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+NAME=aiccu
+DAEMON=/usr/sbin/${NAME}
+DESC="SixXS Automatic IPv6 Connectivity Client Utility (${NAME})"
+BACKGROUND=true
+
+# Options
+OPTIONS=""
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+if [ -f /etc/default/${NAME} ]; then
+ . /etc/default/${NAME}
+fi
+
+# Verify that the configuration file exists
+if [ ! -f /etc/aiccu.conf ]; then
+ echo "AICCU Configuration file /etc/aiccu.conf doesn't exist"
+ exit 0;
+fi
+
+# Verify that the configuration is correct
+if [ `grep -c "^username" /etc/aiccu.conf 2>/dev/null` -ne 1 ]; then
+ echo "AICCU is not configured, edit /etc/aiccu.conf first"
+ exit 0;
+fi
+
+# Verify that it is in daemonize mode, otherwise it won't ever return
+if [ `grep -c "^daemonize true" /etc/aiccu.conf 2>/dev/null` -ne 1 ]; then
+ echo "AICCU is not configured to daemonize on run"
+ exit 0;
+fi
+
+if [ "$BACKGROUND" = "false" ]; then
+ exit 0;
+fi
+
+case "$1" in
+ start)
+ log_begin_msg "Starting $DESC..."
+ start-stop-daemon --start --oknodo --quiet --exec $DAEMON -- start $OPTIONS
+ log_end_msg $?
+ ;;
+ stop)
+ log_begin_msg "Stopping $DESC..."
+ start-stop-daemon --stop --oknodo --quiet --exec $DAEMON -- stop
+ log_end_msg $?
+ ;;
+ restart|reload|force-reload)
+ log_begin_msg "Restarting $DESC..."
+ start-stop-daemon --stop --oknodo --quiet --exec $DAEMON -- stop
+ sleep 2
+ start-stop-daemon --start --oknodo --quiet --exec $DAEMON -- start $OPTIONS
+ log_end_msg $?
+ ;;
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart}" >&2
+ exit 1
+esac
+
+exit 0
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.gentoo /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.gentoo
--- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.gentoo 2004-09-18 20:34:56.000000000 +0200
+++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.gentoo 2007-01-11 14:47:03.000000000 +0100
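Review bot: In the `stop` and `restart` branches, `start-stop-daemon --stop --oknodo --quiet --exec $DAEMON -- stop` never runs `aiccu stop`. With `--stop` the arguments after `--` are unused, and the tool only signals every process whose executable matches `--exec`. If tunnel teardown depends on aiccu's own `stop` action (not visible here), call `$DAEMON stop` instead. Otherwise drop the trailing `-- stop` and add `--pidfile /var/run/aiccu.pid`, so that only the daemon instance is signalled and not, for example, a concurrently running `aiccu test`.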
@@ -2,6 +2,7 @@ depend() { need net + after ntp-client } checkconfig() { diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.rpm /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.rpm --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.init.rpm 2005-01-07 10:36:02.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.init.rpm 2006-09-04 11:36:25.000000000 +0200 @@ -3,10 +3,10 @@ # description: Starts and stops the AICCU daemon # # aiccu: Starts and stops the AICCU daemon -# description: hearbeat daemon for IPv6-in-IPv4 (Proto-41, AYIYA, Tinc) tunnels +# description: hearbeat daemon for IPv6-in-IPv4 (Proto-41, AYIYA, Heartbeat) tunnels # pidfile: /var/run/aiccu.pid # config: /etc/aiccu.conf -# chkconfig: 345 15 85 +# chkconfig: - 59 73 # processname: aiccu # Source function library. @@ -85,6 +85,9 @@ stop ;; restart) + restart + ;; + reload) restart ;; status) @@ -94,7 +97,7 @@ [ -f /var/lock/subsys/aiccu ] && restart || : ;; *) - echo $"Usage: $0 {start|stop|restart|status|condrestart}" + echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}" exit 1 esac diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.sgml /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.sgml --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/aiccu.sgml 2005-01-09 17:09:34.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/aiccu.sgml 2005-05-21 19:48:53.000000000 +0200 @@ -54,7 +54,7 @@ aiccu - <start|stop|test|autotest|license> + <start|stop|tunnels|test|autotest|license> config @@ -104,6 +104,15 @@ + tunnels + + + Prints a list of currently available tunnels. + + + + + test diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/changelog /tmp/0dDlfsosXk/aiccu-20070115/doc/changelog --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/changelog 2005-01-31 20:29:09.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/changelog 2007-01-15 13:34:19.000000000 +0100 
@@ -1,3 +1,126 @@ +aiccu (20070115) stable; urgency=medium + * Fixup in Debian init script (based on original patch by Bernhard Schmidt). + * Change in redirections so that errors don't show in debconf menu's etc. + * NetBSD fixes as there is not always a Tunnel Device that + supports IPv6 (thanks to Geert Hendrickx). + * Gentoo ebuild update, adding depends and require ntp-client. + * RPM spec update, add build-requirement. + * Check return values of system commands. + * Added a big warning about running AICCU from Daemontools and similar + programs which run AICCU in a loop, thus hammering the TIC server. + * Be a bit smarter in checking for support of IPv6. + + -- Jeroen Massar Mon, 15 Jan 2007 11:00:42 +0000 + +aiccu (20070107) stable; urgency=high + * 2007 Edition of AICCU. + * License change to standard 3-clause BSD license. + With thanks to Theo de Raadt, Marco d'Itri and Philipp Kern for + their wise words and reasoning for coming to this decision. + * High urgency because of the above and it fixing large problems. + * Fixed Mac OS X / Darwin support on the MacBookPro of Pim van Pelt. + * Added MTU, from TIC, configuration on most platforms. + * Fixed up silly linux bug, adding LL address to tunnels but not to tun/taps. + * Removed Win32 Alpha Endianess (reported by Christian Weisgerber). + * Fixed up alignment error in parseline() (reported by Christian Weisgerber). + * OpenBSD 4.0 support (patch provided by Christian Weisgerber). + * OpenBSD AYIYA fixup (patch provided by Pim van Pelt). + * Fedora/RPM init script fixup (bash case's don't fall through) + reported and patch supplied by Matt Domsch. + * NetBSD AYIYA support (noted by Tobias Riediger) + Works on NetBSD 4.x, for NetBSD 3.0 one needs to patch tun/tap to + support IPv6. Patch is available from the archives. + * local_ipv4_override option so one can use AICCU behind a NAT that + has been configured correctly to do proto-41 forwarding. This is + usually called a DMZ setup. 
+ + -- Jeroen Massar Sun, 07 Jan 2007 14:00:42 +0000 + +aiccu (20060806) stable; urgency=low + * Changelog version format change as the 'official' (before there where + legal issues as they don't understand the word 'SHOULD' which is cleary + defined in the IETF and now somebody simply uploaded it anyway it without + even asking or notifying us about it) debian packages which are broken, + old and unsupported would seem newer and thus this new version would not + get updated to even when folks would have the official AICCU repository + in their sources.list. This solves that issue. + * pidfile fixup and configuration parameter. + * Corrected Broker selection in debconf. + * Configuration file rewriting by debconf is now done in a 'nice' way. + + -- Jeroen Massar Sun, 6 Aug 2006 13:56:42 +0100 + +aiccu (2006-07-25) stable; urgency=low + * DragonFlyBSD fix + + -- Jeroen Massar Tue, 25 Jul 2006 11:22:42 +0100 + +aiccu (2006-07-23) stable; urgency=low + * The Nina'th release. + * Verified AYIYA support on Windows, OpenBSD, FreeBSD and Linux ia32/AMD64/armeb. + * Disabled TSP and L2TP (Teepee) support as they are not finished. + * No more IPv4 interface as it is not used anymore. + * On AIX we now compile with xlc_r. + * Retrieves Tunnel Brokers from _aiccu. and from _aiccu.sixxs.net. + + -- Jeroen Massar Sun, 23 Jul 2006 16:48:42 +0100 + +aiccu (2006-07-13) stable; urgency=low + * Added no-configure and defaultroute options. + * AYIYA now forks so that AYIYA heartbeats work. 
+ * Ctrl-C handling + * Protocol and server can be specified in configuration file + * AYIYA fixes: header alignment, Win32 TAP 8.1 support + * TAP listing using --listtaps (windows) + * Confuration can now be saved using a menu entry in the GUI (windows) + * TAP interface renaming when it's the only TAP and name not in the config (windows) + * Fedora fixes by Matt Domsch + + -- Jeroen Massar Thu, 13 Jul 2006 22:42:42 +0100 + +aiccu (2006-03-10) stable; urgency=low + * Changed Debian start/stop priority as noted by Mario 'BitKoenig' Holbe. + They now match openvpn/pppd etc. + + -- Jeroen Massar Fri, 10 Mar 2006 21:24:42 +0100 + +aiccu (2005-12-05) stable; urgency=low + * DragonFlyBSD (uses the FreeBSD4 interface) added as noted by Geert Hendrickx. + + -- Jeroen Massar Sun, 14 Aug 2005 14:10:42 +0200 + +aiccu (2005-08-14) stable; urgency=low + * Mac OS X typo-fix (reported by Wim Biemolt) + * GNUTLS support. TIC will go over TLS avoiding cleartext + negotiations where possible. + * Heartbeat stop & start per signal (requested by Peter Bieringer) + * AYIYA Heartbeating. + * L2TPv2 Support. + * TSP Support. + * Gary Coady's Debian/Ubuntu update: + * Use dpkg-buildpackage to generate deb files + * Remove configuration checks from Debian init script + * Use common print functions in Debian init script + * Add 'tunnels' parameter to aiccu, which reports available tunnels + * Return non-zero exit code if unable to successfully authenticate + to POP + * Log to stderr instead of stdout + * Send signal 0 to existing aiccu binary instead of SIGHUP + * Add debconf support + Thanks to Gary for these very nice addons! + * Added OpenBSD PortInfo by Thomas Kaschwig + * Added Makefile changes to support FreeBSD6, noted by Meno Abels + * Added _NETBSD_SOURCE define as mentioned by Maarten Dammers + * Changed aiccu_kame to do configuration differently depending + if the interface is a proto-41 one or a tun device. + * Solaris and AIX support + Endian Fixes. 
+ * 'version' option for unix_console. + * 64bit fixes + compilation check against a big number of platforms. + * Multiple Tunnelbrokers Support using TXT records from _aiccu.sixxs.net DNS. + * AYIYA Port number set to 5072 (IANA assigned) + + -- Jeroen Massar Sun, 14 Aug 2005 14:10:42 +0200 + aiccu (2005-01-31) stable; urgency=low * Full integration of AYIYA, thus normal request procedures * Version -gui/-console correction diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/COPYRIGHT /tmp/0dDlfsosXk/aiccu-20070115/doc/COPYRIGHT --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/COPYRIGHT 2005-01-09 17:09:14.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/COPYRIGHT 2007-01-07 12:58:59.000000000 +0100 @@ -1,6 +1,6 @@ The code for AICCU was written by Jeroen Massar -The copyright for this package is owned by SixXS. -(C) Copyright SixXS 2003-2005 All Rights Reserved +The copyright for this package is owned by SixXS Staff . +(C) Copyright SixXS 2003-2007 All Rights Reserved -Website: http://www.sixxs.net +Website: http://www.sixxs.net/tools/aiccu/ diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/HOWTO /tmp/0dDlfsosXk/aiccu-20070115/doc/HOWTO --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/HOWTO 2004-08-29 18:49:58.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/HOWTO 2007-01-09 22:30:26.000000000 +0100 
@@ -1,23 +1,40 @@ Howto AICCU ~~~~~~~~~~~ +For AYIYA support: + - Windows & Mac OS X: Install the driver mentioned in the FAQ. + at http://www.sixxs.net/faq/ + - Linux, *BSD: make sure that the tun/tap device is available. + NetBSD v3 users - check the IPv6 tun/tap patch on + http://www.sixxs.net/archive/sixxs/aiccu/unix/ + - Windows GUI client: - Just run and follow the dialogs. - Window GUI client as a service: - - Edit aiccu.conf and fill in the required values. + - Run the GUI client without options. + - Choose all the correct settings and check that + the tunnel works. + - Select the "Auto Enable" button on the info page. + - Select the "Save Configuration" option from the menu. + (See screenshots for its location) + - Quit the GUI. - Install it as a service using "aiccu /i" - - "net start aiccu" + - Then use "net start aiccu" or start it from the + service control manager (services.msc) - One can uninstall the service with "aiccu /u" + One can uninstall the service with "aiccu /u" and + of course use the start/stop options to start/stop it. - Unix/Windows console client: - - Edit aiccu.conf and fill in the required values. - - Just run it. + - Edit /etc/aiccu.conf and fill in the required values. + - Run aiccu test; aiccu start If there any problems: - read the SixXS FAQ at http://www.sixxs.net/faq/ - check the SixXS Forum at http://www.sixxs.net/forum/ + If then it still fails, contact the SixXS staff as described per http://www.sixxs.net/contact/ - +For problem reports please read and use the "Reporting Problems" +section on that page to determine where the problem occurs. diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/LICENSE /tmp/0dDlfsosXk/aiccu-20070115/doc/LICENSE --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/LICENSE 2004-08-30 21:14:35.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/LICENSE 2007-01-07 15:55:59.000000000 +0100 
@@ -1,16 +1,6 @@ -AICCU LICENSE -~~~~~~~~~~~~~ +The SixXS License - http://www.sixxs.net/ -For the quick reader this is a slightly modified BSD license: - - names changed from Regents/University to SixXS. - - point 3 -'written', for us an email will suffice. - - point 4 and 5 added. - -Basically we thus allow anybody to use it in any way, but we would like -to be notified when you are using it for not connecting to SixXS. --- - -Copyright (C) SixXS +Copyright (C) SixXS Staff All rights reserved. Redistribution and use in source and binary forms, with or without @@ -24,24 +14,6 @@ 3. Neither the name of SixXS nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior permission. -4. One should not remove any reference to, or logo of, SixXS. -5. When the software is altered to not use SixXS services, one is kindly - asked to notify SixXS of this by sending an email to the SixXS Staff - at info@sixxs.net, containing at least the following details: - 8<-------- - Organisation : Organisation Name - Email : mailbox@example.com - Website : http://www.example.com - is using software for: - < - description of: - the usage - the reason why it was modified - > - -------->8 - Additional information details may of course be provided. - We request this to be able to know why people would choose not to - use the services provided by SixXS and the participating ISP's. THIS SOFTWARE IS PROVIDED BY SIXXS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/manpage.refs /tmp/0dDlfsosXk/aiccu-20070115/doc/manpage.refs --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/manpage.refs 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/manpage.refs 2005-05-21 19:48:53.000000000 +0200 
@@ -0,0 +1,3 @@ +{ + '' => '' +} diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/README /tmp/0dDlfsosXk/aiccu-20070115/doc/README --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/README 2005-01-09 17:09:18.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/README 2007-01-15 12:22:04.000000000 +0100 @@ -8,13 +8,18 @@ AICCU supports the following tunneling protocols: - 6in4 static (RFC 2893) - 6in4 heartbeat (RFC 2893 + draft-massar-v6ops-heartbeat) - - tinc (http://www.tinc-vpn.org) - AYIYA (draft-massar-v6ops-ayiya) As AYIYA even works from behind NAT's, thus unless there is a very restrictive firewall in place, anybody should be able to get IPv6 connectivity without problems and everywhere they want. +WARNING: never run AICCU from DaemonTools or a similar automated +'restart' tool/script. When AICCU does not start, it has a reason +not to start which it gives on either the stdout or in the (sys)log +file. The TIC server *will* automatically disable accounts which +are detected to run in this mode. + The main AICCU page, containing information, screenshots, updates and of course the software itself, unix source + binaries/packages and Windows binaries, can be downloaded from: @@ -26,12 +31,15 @@ The author of this code is: Jeroen Massar -SixXS Staff -http://www.sixxs.net +SixXS Staff +http://www.sixxs.net/ + +With patches accepted from other sources as can be found +in the changelog. Contact ~~~~~~~ -In the event that you find bugs or have questions then see: +In the event that you find bugs or have questions please see: http://www.sixxs.net/contact/ which contains the contact details of the SixXS Staff. @@ -39,6 +47,10 @@ check the FAQ at http://www.sixxs.net/faq/ and check the Forum which can be found at http://www.sixxs.net/forum/ +If you are using this software please notify us of it. We are +always interrested to hear in what various ways people are +using our software. + License ~~~~~~~ See the LICENSE file in the doc directory 
@@ -46,5 +58,5 @@ Copyright ~~~~~~~~~ Automatic IPv6 Connectivity Configuration Utility -AICCU (C) Copyright 2003-2005 SixXS +AICCU (C) Copyright 2003-2007 SixXS Staff diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/doc/setupscript.cmd /tmp/0dDlfsosXk/aiccu-20070115/doc/setupscript.cmd --- /tmp/h6kCLsMZDY/aiccu-20050131/doc/setupscript.cmd 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/doc/setupscript.cmd 2006-07-18 23:31:35.000000000 +0200 @@ -0,0 +1,4 @@ +echo "The following variables are available to this script as passed by AICCU:" +echo "1: %1%" +echo "2: %2%" +echo "3: %3%" diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/files/sixxs-aiccu.in /tmp/0dDlfsosXk/aiccu-20070115/freebsd/files/sixxs-aiccu.in --- /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/files/sixxs-aiccu.in 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/freebsd/files/sixxs-aiccu.in 2006-12-21 15:23:26.000000000 +0100 @@ -0,0 +1,31 @@ +#!/bin/sh +# +# $FreeBSD: ports/net/sixxs-aiccu/files/sixxs-aiccu.sh,v 1.3 2006/02/20 20:47:30 dougb Exp $ +# + +# PROVIDE: sixxs-aiccu +# REQUIRE: NETWORKING + +# +# Add the following lines to /etc/rc.conf to enable sixxs-aiccu: +# +#sixxs_aiccu_enable="YES" +# + +. %%RC_SUBR%% + +name=sixxs_aiccu +rcvar=`set_rcvar` + +command="%%PREFIX%%/sbin/sixxs-aiccu" +command_args=%%PREFIX%%/etc/aiccu.conf +start_cmd="%%PREFIX%%/sbin/sixxs-aiccu start $command_args" +stop_cmd="%%PREFIX%%/sbin/sixxs-aiccu stop $command_args" +required_files=%%PREFIX%%/etc/aiccu.conf + +# set default +sixxs_aiccu_enable=${sixxs_aiccu_enable:-"NO"} + +load_rc_config ${name} +run_rc_command "$1" + diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/Makefile /tmp/0dDlfsosXk/aiccu-20070115/freebsd/Makefile --- /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/Makefile 2005-01-31 21:38:54.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/freebsd/Makefile 2007-01-07 19:32:52.000000000 +0100 
@@ -3,29 +3,33 @@ # Initial FreeBSD port by: Meno Abels # Comments for this port please to the SixXS staff # -# $FreeBSD$ +## $FreeBSD: /repoman/r/pcvs/ports/net/sixxs-aiccu/Makefile,v 1.1 2005/03/14 17:47:07 vs Exp $ # -PORTNAME= sixxs-aiccu -PORTVERSION= 20050131 -PORTREVISION= 1 -CATEGORIES= net ipv6 -MASTER_SITES= http://www.sixxs.net/archive/sixxs/aiccu/unix/ -DISTFILES= aiccu_current.tgz +#PORTNAME= sixxs-aiccu +PORTVERSION= 20070107 +CATEGORIES= net ipv6 +MASTER_SITES= http://www.sixxs.net/archive/sixxs/aiccu/unix/ +DISTNAME= aiccu_20070107 + +# Maintainer of the FreeBSD port, but always copy: info@sixxs.net +MAINTAINER= meno.abels@adviser.com +COMMENT= IPv6 Tunnel Broker client capable of configuring using TIC, static, AYIYA and heartbeat tunnels -MAINTAINER= info@sixxs.net -COMMENT= Automatic IPv6 Connectivity Configuration Utility (AICCU) - -USE_RC_SUBR= yes +USE_RC_SUBR= sixxs-aiccu USE_GMAKE= yes +CFLAGS+= ${PTHREAD_CFLAGS} +LDFLAGS+= ${PTHREAD_LIBS} +MAKE_ARGS= CC="${CC}" +MAKE_ENV= CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" WRKSRC= ${WRKDIR}/aiccu +BUILD_WRKSRC= ${WRKDIR}/aiccu/unix-console + +PORTDOCS= README +# FreeBSD doesn't use named interfaces, thus default to gif0 pre-build: - @${SED} -e 's:%%PREFIX%%:${PREFIX}:g' \ - -e 's:%%RC_SUBR%%:${RC_SUBR}:g' \ - ${WRKSRC}/doc/aiccu.init.freebsd >${WRKDIR}/aiccu.init.freebsd @${SED} \ - -e 's:ipv4_interface eth0:ipv4_interface sis0:' \ -e 's:ipv6_interface sixxs:ipv6_interface gif0:' \ ${WRKSRC}/doc/aiccu.conf > ${WRKDIR}/aiccu.conf 
@@ -34,23 +38,8 @@ ${INSTALL_PROGRAM} ${WRKSRC}/unix-console/aiccu ${PREFIX}/sbin/sixxs-aiccu ${INSTALL_DATA} ${WRKSRC}/doc/README ${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/LICENSE ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/doc/HOWTO ${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/aiccu.conf ${EXAMPLESDIR} ${INSTALL_DATA} ${WRKDIR}/aiccu.conf ${PREFIX}/etc/aiccu.conf.sample - ${INSTALL_SCRIPT} ${WRKDIR}/aiccu.init.freebsd ${PREFIX}/etc/rc.d/sixxs-aiccu.sh - -post-install: - if [ \! -f ${PREFIX}/etc/aiccu.conf ]; then \ - ${MV} ${PREFIX}/etc/aiccu.conf.sample ${PREFIX}/etc/aiccu.conf.sample; \ - fi - -.include - -.if ${OSVERSION} > 501100 -GIFCONFIG= netbsd -.else -GIFCONFIG= freebsd -.endif -.include +.include diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/pkg-plist /tmp/0dDlfsosXk/aiccu-20070115/freebsd/pkg-plist --- /tmp/h6kCLsMZDY/aiccu-20050131/freebsd/pkg-plist 2004-09-08 21:13:15.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/freebsd/pkg-plist 2006-12-21 15:25:13.000000000 +0100 @@ -1,5 +1,4 @@ @comment $FreeBSD$ -etc/rc.d/sixxs-aiccu.sh etc/aiccu.conf.sample sbin/sixxs-aiccu %%DOCSDIR%%/README diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/gentoo/aiccu-ebuild /tmp/0dDlfsosXk/aiccu-20070115/gentoo/aiccu-ebuild --- /tmp/h6kCLsMZDY/aiccu-20050131/gentoo/aiccu-ebuild 2004-09-17 09:28:19.000000000 +0200 +++ /tmp/0dDlfsosXk/aiccu-20070115/gentoo/aiccu-ebuild 2007-01-11 15:16:06.000000000 +0100 
@@ -1,19 +1,20 @@ -DESCRIPTION="AICCU Client to configure an IPv6 tunnel to SixXS" +inherit eutils + +DESCRIPTION="AICCU, a cient to configure an IPv6 tunnel to SixXS and other Tunnel Brokers" HOMEPAGE="http://www.sixxs.net/" SRC_URI="http://www.sixxs.net/archive/sixxs/aiccu/unix/aiccu_current.tar.gz" -LICENSE="SixXS" +LICENSE="BSD" SLOT="0" -KEYWORDS="~x86" +KEYWORDS="x86 amd64 ppc arm hppa" IUSE="" -DEPEND="" +DEPEND="net-libs/gnutls sys-apps/iproute2" S=${WORKDIR}/aiccu - src_compile() { cd ${S} export RPM_OPT_FLAGS=${CFLAGS} - make || die "Build Failed" + make || die "Build Failed" } src_install() { @@ -24,8 +25,6 @@ dodoc doc/{HOWTO,LICENSE,README,changelog} exeinto /etc/init.d newexe doc/aiccu.init.gentoo aiccu - - } pkg_postinst() { @@ -33,6 +32,5 @@ einfo "To add support for a SixXS connection at startup, do" einfo "edit your /etc/aiccu.conf and do" einfo "# rc-update add aiccu default" - } diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/Makefile /tmp/0dDlfsosXk/aiccu-20070115/Makefile --- /tmp/h6kCLsMZDY/aiccu-20050131/Makefile 2007-03-11 14:29:25.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/Makefile 2007-01-11 01:29:33.000000000 +0100 @@ -6,8 +6,8 @@ # Packaging Makefile # *********************************************************** # $Author: jeroen $ -# $Id: Makefile,v 1.11 2005/01/11 15:12:56 jeroen Exp $ -# $Date: 2005/01/11 15:12:56 $ +# $Id: Makefile,v 1.22 2007-01-11 00:29:33 jeroen Exp $ +# $Date: 2007-01-11 00:29:33 $ # **********************************************************/ # # Note for BSD people: use GNU Make (gmake) 
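Review bot: `SRC_URI` still fetches `aiccu_current.tar.gz`, an unversioned file whose contents change with every upstream release, while this hunk moves the ebuild to stable `KEYWORDS` on five architectures. A moving distfile cannot be pinned by a recorded digest, so a build either fails after the next upstream release or installs code that was never reviewed for this ebuild. Point `SRC_URI` at a versioned tarball under the same directory instead, for example the `aiccu_20070107` distfile (with `.tar.gz`) that the OpenBSD port in this diff names. The new `DESCRIPTION` also has a typo: `cient` should read `client`.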
@@ -24,17 +24,14 @@ RPMBUILD_SILENCE=>/dev/null 2>/dev/null # Excludes for limited source release -EXCLUDES=--exclude "${PROJECT}/windows-*" --exclude common/aiccu_win32.c --exclude CVS +EXCLUDES=--exclude "${PROJECT}/windows-*" --exclude "${PROJECT}/common/aiccu_win32.c" --exclude CVS --exclude "${PROJECT}/common/tsp*" --exclude "${PROJECT}/common/teepee*" +DEBEXCL=-Iwindows-* -Icommon/aiccu_win32.c -I*CVS* -Icommon/tsp* -Icommon/teepee* # Change this if you want to install into another dirtree # Required for eg the Debian Package builder DESTDIR= export DESTDIR -# Get the source dir, needed for eg debsrc -SOURCEDIR := $(shell pwd) -SOURCEDIRNAME := $(shell basename `pwd`) - # This may be updated by RPM's for instance CFLAGS=${RPM_OPT_FLAGS} @@ -50,7 +47,6 @@ export PROJECT_VERSION export PROJECT_COPYRIGHT export DESTDIR -export SOURCEDIR export RM export MV export CC @@ -61,6 +57,7 @@ export diretc export dirdoc export RPM_OPT_FLAGS +export CFLAGS #################### ## Makefile Targets @@ -85,10 +82,11 @@ $(shell [ -f ${DESTDIR}${diretc}${PROJECT}.conf ] || cp -R doc/${PROJECT}.conf ${DESTDIR}${diretc}${PROJECT}.conf) @echo "Documentation..." @cp doc/README ${DESTDIR}${dirdoc} + @cp doc/LICENSE ${DESTDIR}${dirdoc} @cp doc/HOWTO ${DESTDIR}${dirdoc} @echo "Installing Debian-style init.d" @mkdir -p ${DESTDIR}${diretc}init.d - @cp doc/${PROJECT}.init ${DESTDIR}${diretc}init.d/${PROJECT} + @cp doc/${PROJECT}.init.debian ${DESTDIR}${diretc}init.d/${PROJECT} else @echo "Installing Redhat-style init.d" @mkdir -p ${DESTDIR}${diretc}init.d @@ -107,7 +105,7 @@ @echo "clean : Clean the dirs to be pristine in bondage" @echo @echo "Distribution targets:" - @echo "dist : Make all distribution targets" + @echo "dist : Make all distribution targets (except rpm's)" @echo "tar : Make source tarball (tar.gz)" @echo "bz2 : Make source tarball (tar.bz2)" @echo "deb : Make Debian binary package (.deb)" 
@@ -139,51 +137,43 @@ -${RM} windows-console/AICCU.ncb # Generate Distribution files -dist: tar bz2 deb debsrc rpm rpmsrc +dist: tar bz2 deb # tar.gz tar: clean -${RM} ../${PROJECT}_${PROJECT_VERSION}.tar.gz - tar -zclo -C .. ${EXCLUDES} -f ../${PROJECT}_${PROJECT_VERSION}.tar.gz ${PROJECT} + tar -zco -C .. ${EXCLUDES} -f ../${PROJECT}_${PROJECT_VERSION}.tar.gz ${PROJECT} # tar.gz (full) tarfull: clean -${RM} ../${PROJECT}_${PROJECT_VERSION}.tar.gz - tar -zclo -C .. -f ../${PROJECT}_${PROJECT_VERSION}.tar.gz ${PROJECT} + tar -zco -C .. -f ../${PROJECT}_${PROJECT_VERSION}-full.tar.gz ${PROJECT} # tar.bz2 bz2: clean -${RM} ../${PROJECT}_${PROJECT_VERSION}.tar.bz2 - tar -jclo -C .. ${EXCLUDES} -f ../${PROJECT}_${PROJECT_VERSION}.tar.bz2 ${PROJECT} + tar -jco -C .. ${EXCLUDES} -f ../${PROJECT}_${PROJECT_VERSION}.tar.bz2 ${PROJECT} # tar.bz2 (full) bz2full: clean -${RM} ../${PROJECT}_${PROJECT_VERSION}.tar.bz2 - tar -jclo -C .. -f ../${PROJECT}_${PROJECT_VERSION}.tar.bz2 ${PROJECT} + tar -jco -C .. 
-f ../${PROJECT}_${PROJECT_VERSION}-full.tar.bz2 ${PROJECT} # .deb deb: clean # Copy the changelog ${CP} doc/changelog debian/changelog - ${CP} doc/${PROJECT}.init debian/${PROJECT}.init - debian/rules binary - ${MAKE} clean - -# Source .deb -debsrc: clean - # Copy the changelog - ${CP} doc/changelog debian/changelog - cd ..; dpkg-source -b ${SOURCEDIR}; cd ${SOURCEDIR} + ${CP} doc/${PROJECT}.init.debian debian/${PROJECT}.init + dpkg-buildpackage $(DEBEXCL) -rfakeroot ${MAKE} clean # Cleanup after debian debclean: - #${RM} debian/changelog - ${RM} debian/${PROJECT}.init + -${RM} debian/${PROJECT}.init debian/${PROJECT}.conffiles if [ -f build-stamp ]; then debian/rules clean; fi # RPM -rpm: rpmclean tar +rpm: clean tar -${RM} /usr/src/redhat/RPMS/i386/${PROJECT}-*.rpm ${RPMBUILD} -tb --define '${PROJECT}_version ${PROJECT_VERSION}' ../${PROJECT}_${PROJECT_VERSION}.tar.gz ${RPMBUILD_SILENCE} @if [ -d /usr/src/redhat/RPMS/i386/ ]; then mv /usr/src/redhat/RPMS/i386/${PROJECT}-*.rpm ../; fi 
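Review bot: In `tarfull` and `bz2full` the archive is now written to `${PROJECT}_${PROJECT_VERSION}-full.tar.gz` / `-full.tar.bz2`, but the unchanged `-${RM}` line above each `tar` call still deletes the plain `${PROJECT}_${PROJECT_VERSION}.tar.gz` / `.tar.bz2`. Running a full target therefore removes the limited-source tarball that `tar` or `bz2` produced, which is the one built with `${EXCLUDES}`. Change the cleanup lines to `-${RM} ../${PROJECT}_${PROJECT_VERSION}-full.tar.gz` and `-${RM} ../${PROJECT}_${PROJECT_VERSION}-full.tar.bz2` so each target only touches its own output.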
@@ -193,19 +183,19 @@ ${MAKE} clean @echo "RPMBuild done" -rpmsrc: rpmclean tar +rpmsrc: clean tar -${RM} /usr/src/redhat/RPMS/i386/${PROJECT}-*src.rpm ${RPMBUILD} -ts --define '${PROJECT}_version ${PROJECT_VERSION}' ../${PROJECT}_${PROJECT_VERSION}.tar.gz ${RPMBUILD_SILENCE} @if [ -d /usr/src/redhat/RPMS/i386/ ]; then mv /usr/src/redhat/RPMS/i386/${PROJECT}-*.src.rpm ../; fi @if [ -d /usr/src/rpm/RPMS/i386/ ]; then mv /usr/src/rpm/RPMS/i386/${PROJECT}-*.src.rpm ../; fi @echo "Resulting RPM's:" @ls -l ../${PROJECT}-*.rpm - ${MAKE} clean} + ${MAKE} clean @echo "RPMBuild-src done" -rpmclean: clean +rpmclean: -${RM} ../${PROJECT}_${PROJECT_VERSION}.tar.gz # Mark targets as phony -.PHONY : all install help clean dist tar bz2 deb debsrc debclean rpm rpmsrc +.PHONY : all install help clean dist tar bz2 deb debclean rpm rpmsrc diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/DESCR /tmp/0dDlfsosXk/aiccu-20070115/netbsd/DESCR --- /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/DESCR 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/netbsd/DESCR 2007-01-06 15:08:35.000000000 +0100 @@ -0,0 +1,7 @@ +AICCU (Automatic IPv6 Connectivity Client Utility) makes it easy for users to +get IPv6 connectivity via SixXs. After having requested an account, tunnel and +optionally a subnet, AICCU can be used to automatically configure the tunnel. +AICCU supports TIC (Tunnel Information & Control protocol), which it uses for +retrieving the tunnel configuration information, AYIYA, which allows tunnels to +be created even behind firewalls and NATs. + diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/Makefile /tmp/0dDlfsosXk/aiccu-20070115/netbsd/Makefile --- /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/netbsd/Makefile 2007-01-06 15:07:21.000000000 +0100 
@@ -0,0 +1,46 @@
+# $NetBSD: Makefile,v 1.7 2006/11/10 20:58:09 rillig Exp $
+
+DISTNAME= aiccu_2006.07.25
+PKGNAME= ${DISTNAME:S/_/-/:S/.//g}
+CATEGORIES= net
+MASTER_SITES= http://www.sixxs.net/archive/sixxs/aiccu/unix/
+
+MAINTAINER= ghen@NetBSD.org
+HOMEPAGE= http://www.sixxs.net/tools/aiccu/
+COMMENT= Automatic IPv6 Connectivity Client Utility
+
+USE_TOOLS+= gmake
+CHECK_PORTABILITY_SKIP+= debian/*
+
+SUBST_CLASSES+= sysconfdir
+SUBST_STAGE.sysconfdir= post-patch
+SUBST_FILES.sysconfdir= common/aiccu.h
+SUBST_SED.sysconfdir= -e 's,/etc/aiccu.conf,${PKG_SYSCONFDIR}/aiccu.conf,'
+
+EXAMPLESDIR= ${PREFIX}/share/examples/aiccu
+DOCDIR= ${PREFIX}/share/doc/aiccu
+CONF_FILES= ${EXAMPLESDIR}/aiccu.conf ${PKG_SYSCONFDIR}/aiccu.conf
+CONF_FILES_MODE= 0600
+
+RCD_SCRIPTS= aiccu
+
+.include "options.mk"
+
+# the distfile untars as ${WRKDIR}/aiccu/ but this would conflict with the
+# rc.d script that gets copied to the same name ${WRKDIR}/${RCD_SCRIPTS}
+post-extract:
+ ${MV} ${WRKDIR}/aiccu ${WRKDIR}/${DISTNAME}
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/unix-console/aiccu ${PREFIX}/sbin/
+ ${INSTALL_MAN} ${WRKSRC}/doc/aiccu.1 ${PREFIX}/${PKGMANDIR}/man1/
+ ${INSTALL_DATA_DIR} ${EXAMPLESDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/aiccu.conf ${EXAMPLESDIR}/
+ ${INSTALL_DATA_DIR} ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/LICENSE ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/HOWTO ${DOCDIR}
+
+.include "../../mk/pthread.buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/options.mk /tmp/0dDlfsosXk/aiccu-20070115/netbsd/options.mk
--- /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/options.mk 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/netbsd/options.mk 2007-01-06 15:02:42.000000000 +0100
@@ -0,0 +1,15 @@
+# $NetBSD: options.mk,v 1.2 2007/01/03 15:25:12 tv Exp $
+
+PKG_OPTIONS_VAR= PKG_OPTIONS.aiccu
+PKG_SUPPORTED_OPTIONS= gnutls
+PKG_OPTIONS_REQUIRED_GROUPS= inet6 # require inet6 capability
+PKG_OPTIONS_GROUP.inet6= inet6
+
+.include "../../mk/bsd.options.mk"
+
+.if !empty(PKG_OPTIONS:Mgnutls)
+.include "../../security/gnutls/buildlink3.mk"
+CFLAGS+= -D AICCU_GNUTLS
+LDFLAGS+= -lgnutls
+.endif
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/PLIST /tmp/0dDlfsosXk/aiccu-20070115/netbsd/PLIST
--- /tmp/h6kCLsMZDY/aiccu-20050131/netbsd/PLIST 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/netbsd/PLIST 2007-01-06 15:07:30.000000000 +0100
@@ -0,0 +1,11 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2005/12/29 14:53:52 ghen Exp $
+man/man1/aiccu.1
+sbin/aiccu
+share/doc/aiccu/HOWTO
+share/doc/aiccu/LICENSE
+share/doc/aiccu/README
+share/examples/aiccu/aiccu.conf
+share/examples/rc.d/aiccu
+@dirrm share/examples/aiccu
+@dirrm share/doc/aiccu
+
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/distinfo /tmp/0dDlfsosXk/aiccu-20070115/openbsd/distinfo
--- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/distinfo 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/distinfo 2005-05-16 23:07:18.000000000 +0200
@@ -0,0 +1,4 @@
+MD5 (aiccu_2005.01.31.tar.gz) = 7c3da5feab3d59fb5a99a45203e0ca56
+SHA1 (aiccu_2005.01.31.tar.gz) = 2d3e9e1844e7e2b2ae144b00974a9d1022b45396
+RMD160 (aiccu_2005.01.31.tar.gz) = 48f9508bb62984acc8cde8419765c5003a7200f4
+SIZE (aiccu_2005.01.31.tar.gz) = 45672
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/Makefile /tmp/0dDlfsosXk/aiccu-20070115/openbsd/Makefile
--- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/Makefile 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/Makefile 2007-01-07 19:29:36.000000000 +0100
@@ -0,0 +1,45 @@
+# $OpenBSD$
+
+COMMENT= "Automatic IPv6 Connectivity Configuration Utility (AICCU)"
+
+PKGNAME= sixxs-aiccu-2007-01-07
+DISTNAME= aiccu_20070107
+CATEGORIES= net
+
+HOMEPAGE= http://www.sixxs.net/tools/aiccu/
+MASTER_SITES= http://www.sixxs.net/archive/sixxs/aiccu/unix/
+
+MAINTAINER= Thomas Kaschwig
+
+SED= /usr/bin/sed
+
+# GPL
+PERMIT_PACKAGE_CDROM= Yes
+PERMIT_PACKAGE_FTP= Yes
+PERMIT_DISTFILES_CDROM= Yes
+PERMIT_DISTFILES_FTP= Yes
+WANTLIB= c pthread
+
+EXTRACT_SUFX= .tar.gz
+WRKDIST= ${WRKDIR}/aiccu
+
+NO_REGRESS= Yes
+
+USE_GMAKE= Yes
+DOCDIR= ${PREFIX}/share/doc/sixxs-aiccu
+EXAMPLEDIR= ${PREFIX}/share/examples/sixxs-aiccu
+
+pre-build:
+ ${SED} -e 's:ipv6_interface sixxs:ipv6_interface gif0:' \
+ ${WRKSRC}/doc/aiccu.conf > ${WRKSRC}/aiccu.conf
+
+do-install:
+ ${INSTALL_DATA_DIR} ${DOCDIR} ${EXAMPLEDIR}
+ ${INSTALL_PROGRAM} ${WRKSRC}/unix-console/aiccu ${PREFIX}/sbin/sixxs-aiccu
+ ${INSTALL_DATA} ${WRKSRC}/aiccu.conf ${SYSCONFDIR}/aiccu.conf.sample
+ ${INSTALL_DATA} ${WRKSRC}/aiccu.conf ${EXAMPLEDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/README ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/LICENSE ${DOCDIR}
+ ${INSTALL_DATA} ${WRKSRC}/doc/HOWTO ${DOCDIR}
+
+.include
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/DESCR /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/DESCR
--- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/DESCR 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/DESCR 2005-04-10 23:43:28.000000000 +0200
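Review bot: `DISTNAME= aiccu_20070107` does not match the `distinfo` added in this same diff, which only carries MD5/SHA1/RMD160/SIZE entries for `aiccu_2005.01.31.tar.gz`. As committed, the port has no recorded checksum for the tarball it actually downloads over plain HTTP from `MASTER_SITES`, so the fetch is either rejected or, if checksum checking is bypassed, left unverified. Regenerate `distinfo` for the new distfile as part of this change; the port's README in this diff describes how, but it uses the name `aiccu_2007.01.07.tar.gz`, which again differs from `DISTNAME`. The `# GPL` comment above the `PERMIT_*` lines also looks stale next to the BSD-style terms in doc/LICENSE.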
@@ -0,0 +1,22 @@ +SixXS AICCU: Automatic IPv6 Connectivity Configuration Utility +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +AICCU makes it very easy for anybody to get IPv6 connectivity +everywhere they want. It uses the TIC (Tunnel Information & Control) +protocol to request the information needed to setup a tunnel through +which the connectivity is created. + +AICCU supports the following tunneling protocols: + - 6in4 static (RFC 2893) + - 6in4 heartbeat (RFC 2893 + draft-massar-v6ops-heartbeat) + - tinc (http://www.tinc-vpn.org) + - AYIYA (draft-massar-v6ops-ayiya) + +As AYIYA even works from behind NAT's, thus unless there is a very +restrictive firewall in place, anybody should be able to get IPv6 +connectivity without problems and everywhere they want. + +The main AICCU page, containing information, screenshots, updates +and of course the software itself, unix source + binaries/packages +and Windows binaries, can be downloaded from: + +WWW: http://www.sixxs.net/tools/aiccu/ diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/MESSAGE /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/MESSAGE --- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/MESSAGE 1970-01-01 01:00:00.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/MESSAGE 2005-05-17 03:46:35.000000000 +0200 
@@ -0,0 +1,12 @@
+Copy ${PREFIX}/share/examples/sixxs-aiccu/aiccu.conf to
+${SYSCONFDIR} and insert your account data.
+
+You can start the daemon with:
+/usr/local/sbin/sixxs-aiccu start ${SYSCONFDIR}/aiccu.conf
+
+Add the following to the /etc/rc.local script to start the daemon on boot:
+
+if [ -x ${PREFIX}/sbin/sixxs-aiccu -a -f ${SYSCONFDIR}/aiccu.conf ]; then
+ echo -n ' sixxs-aiccu'
+ ${PREFIX}/sbin/sixxs-aiccu start ${SYSCONFDIR}/aiccu.conf
+fi
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/PLIST /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/PLIST
--- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/pkg/PLIST 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/pkg/PLIST 2005-05-17 02:29:03.000000000 +0200
@@ -0,0 +1,8 @@
+@comment $OpenBSD$
+sbin/sixxs-aiccu
+share/doc/sixxs-aiccu/
+share/doc/sixxs-aiccu/HOWTO
+share/doc/sixxs-aiccu/LICENSE
+share/doc/sixxs-aiccu/README
+share/examples/sixxs-aiccu/
+share/examples/sixxs-aiccu/aiccu.conf
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/README /tmp/0dDlfsosXk/aiccu-20070115/openbsd/README
--- /tmp/h6kCLsMZDY/aiccu-20050131/openbsd/README 1970-01-01 01:00:00.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/openbsd/README 2007-01-07 19:29:06.000000000 +0100
@@ -0,0 +1,10 @@
+Notes on the OpenBSD port of AICCU.
+You should regenerate the checksums in the distinfo file in this directory.
+
+Something like this should do the trick:
+{
+ md5 aiccu_2007.01.07.tar.gz
+ sha1 aiccu_2007.01.07.tar.gz
+ rmd160 aiccu_2007.01.07.tar.gz
+ echo "SIZE (aiccu_2007.01.07.tar.gz) = `ls -l aiccu_2007.01.07.tar.gz | awk '{ print $5}'`
+} > distinfo
diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/rpm/aiccu.spec /tmp/0dDlfsosXk/aiccu-20070115/rpm/aiccu.spec
--- /tmp/h6kCLsMZDY/aiccu-20050131/rpm/aiccu.spec 2005-01-09 17:09:48.000000000 +0100
+++ /tmp/0dDlfsosXk/aiccu-20070115/rpm/aiccu.spec 2007-01-15 12:56:49.000000000 +0100
@@ -6,31 +6,20 @@ # AICCU RPM Spec File ############################################################ -%if %{?aiccu_version:0}%{!?aiccu_version:1} -%define aiccu_version rpmbuild -%endif - -%if %{?aiccu_release:0}%{!?aiccu_release:1} -%define aiccu_release 1 -%endif - -%if %{?srcext:0}%{!?srcext:1} -%define srcext .gz -%endif - Summary: AICCU - SixXS Automatic IPv6 Connectivity Client Utility Name: aiccu -Version: %(version=`echo %{aiccu_version} | cut -b0-10`; echo ${version}) -Release: %(options=`echo %{aiccu_version} | cut -b12-`; echo %{aiccu_release}${options}) -License: GPL -Group: Networking/Utilities +Version: 2007.01.15 +Release: 1%{?dist} +License: BSD +Group: System Environment/Daemons URL: http://www.sixxs.net/tools/aiccu/ -Vendor: SixXS -BuildRoot: /var/tmp/%{name}-root -Packager: SixXS -Source: aiccu_%{aiccu_version}.tar%{srcext} -Requires: iproute -Requires(post,preun): chkconfig +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Source: http://www.sixxs.net/archive/sixxs/aiccu/unix/aiccu_%{version}.tar.gz +BuildRequires: gnutls-devel +Requires: iproute +Requires(post): chkconfig +Requires(preun): chkconfig, initscripts +Requires(postun): initscripts %description This client automatically gives one IPv6 connectivity 
@@ -41,41 +30,58 @@ %prep %setup -q -n %{name} +# fix executable permissions on non-executable content +# so debuginfo can pick them up properly +find . -type f -not -name rules -and -not -name *init* -exec chmod a-x \{\} \; %build -make RPM_OPT_FLAGS="$RPM_OPT_FLAGS" +make %{?_smp_mflags} RPM_OPT_FLAGS="$RPM_OPT_FLAGS" %install -if [ -n "$RPM_BUILD_ROOT" ] ; then - [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT -fi +rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT %post if [ "$1" = "1" ]; then - chkconfig --add aiccu + /sbin/chkconfig --add aiccu fi %preun if [ "$1" = "0" ]; then - service aiccu stop >/dev/null 2>&1 + /sbin/service aiccu stop >/dev/null 2>&1 /sbin/chkconfig --del aiccu fi +%postun +/sbin/service aiccu condrestart > /dev/null 2>&1 || : + %clean make clean [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) -%attr(600, root, root) /etc/aiccu.conf %doc doc/README doc/LICENSE %{_sbindir}/aiccu -%config %{_sysconfdir}/aiccu.conf -%config %{_sysconfdir}/init.d/aiccu +# aiccu.conf contains the users's SixXS password, so don't +# make it readable by non-root +%attr(600, root,root) %config(noreplace) %{_sysconfdir}/aiccu.conf +%{_sysconfdir}/init.d/aiccu + %changelog +* Wed Jun 28 2006 Matt Domsch 2005.01.31-4 +- export CFLAGS properly, fix permissions on files for debuginfo + +* Wed Jun 28 2006 Matt Domsch 2005.01.31-3 +- cleanups per Fedora Extras review + +* Sat Apr 22 2006 Matt Domsch 2005.01.31-2 +- match Fedora Extras spec guidelines +- add postun condrestart +- add reload initscript arg to satisfy rpmlint + * Sun Aug 29 2004 Jeroen Massar 2004.08.29 - Beta2 with TIC, 6in4, 6in4-heartbeat and AYIYA support diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/unix-console/main.c /tmp/0dDlfsosXk/aiccu-20070115/unix-console/main.c --- /tmp/h6kCLsMZDY/aiccu-20050131/unix-console/main.c 2005-01-31 20:05:34.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/unix-console/main.c 2007-01-15 
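Review bot: In the new `%prep` step the pattern in `-not -name *init*` is unquoted, so the shell expands it before `find` sees it whenever a name in the build directory matches. Depending on what matches, `find` then receives a different pattern or extra arguments, and either the set of files that keep their execute bit changes or the step fails. Quote it: `find . -type f -not -name rules -and -not -name '*init*' -exec chmod a-x \{\} \;`. Separately, `%install` now runs `rm -rf $RPM_BUILD_ROOT` without the `!= "/"` guard that `%clean` still carries, and keeping the two consistent would be safer.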
12:57:34.000000000 +0100 
@@ -6,25 +6,156 @@ unix-client/aiccu.c - AICCU - The client for UNIX *********************************************************** $Author: jeroen $ - $Id: main.c,v 1.5 2005/01/31 19:05:34 jeroen Exp $ - $Date: 2005/01/31 19:05:34 $ + $Id: main.c,v 1.20 2007-01-15 11:57:34 jeroen Exp $ + $Date: 2007-01-15 11:57:34 $ **********************************************************/ #include "../common/aiccu.h" +#include "../common/tun.h" + +#ifndef _WIN32 +/* Enable/Disable heartbeating */ +void sigusr1(int i); +void sigusr1(int i) +{ + /* Toggle the flag */ + g_aiccu->makebeats = !g_aiccu->makebeats; + + /* Reset the signal */ + signal(i, &sigusr1); +} + +void sigterm(int i); +void sigterm(int i) +{ + g_aiccu->running = false; + signal(i, SIG_IGN); +} + +int sigrunning(int sig); +int sigrunning(int sig) +{ + int pid; + FILE *f; + + if (!g_aiccu) return 0; + + /* Open our PID file */ + f = fopen(g_aiccu->pidfile, "r"); + if (!f) return 0; + + /* Get the PID from the file or make it invalid when the format is wrong */ + if (fscanf(f, "%d", &pid) != 1) pid = -1; + + /* Close the file again */ + fclose(f); + + /* If we can HUP it, it still runs */ + return (pid > 0 && kill(pid, sig) == 0 ? 
1 : 0); +} + +#else + +static BOOL sigterm(DWORD sig); +static BOOL sigterm(DWORD sig) +{ + D(dolog(LOG_DEBUG, "Terminating due to CTRL event\n")); + g_aiccu->running = false; + return true; +} +static BOOL sigterm_testing(DWORD sig); +static BOOL sigterm_testing(DWORD sig) +{ + D(dolog(LOG_DEBUG, "Ignoring CTRL event\n")); + return true; +} + +#endif + +int list_tunnels(void); +int list_tunnels(void) +{ + struct TIC_sTunnel *hsTunnel, *t; + + if (!tic_Login(g_aiccu->tic, g_aiccu->username, g_aiccu->password, g_aiccu->server)) return 0; + + hsTunnel = tic_ListTunnels(g_aiccu->tic); + + if (!hsTunnel) + { + tic_Logout(g_aiccu->tic, "Getting current tunnel listing"); + return 1; + } + + for (t = hsTunnel; t; t = t->next) + { + printf("%s %s %s %s\n", t->sId, t->sIPv6, t->sIPv4, t->sPOPId); + } + + tic_Free_sTunnel(hsTunnel); + tic_Logout(g_aiccu->tic, "Getting current tunnel listing"); + return 1; +} + +static unsigned int prevnum = 54321; + +/* Due to broken DNS servers out there, make sure that we get at least the SixXS TIC server */ +static bool foundsixxs = false; + +void gotrr(unsigned int num, int type, const char *record); +void gotrr(unsigned int num, int type, const char *record) +{ + /* Skip non-TXT records + Comments */ + if (type != T_TXT || record[0] == '#') return; + /* If the record number changed and it is not the first one, add a return */ + if (num != prevnum && prevnum != 54321) printf("\n"); + + /* The current record = the last one seen */ + prevnum = num; + + /* Print the component */ + printf("%s|", record); + + /* Found SixXS? */ + if (strcmp(record, "SixXS") == 0) foundsixxs = true; +} + +/* Get Tunnel Brokers from _aiccu. 
and from _aiccu.sixxs.net */ +int list_brokers(void); +int list_brokers(void) +{ + foundsixxs = false; + prevnum = 54321; + getrrs("_aiccu", T_TXT, gotrr); + prevnum = 54321; + getrrs("_aiccu.sixxs.net", T_TXT, gotrr); + printf("\n"); + + if (!foundsixxs) + { + printf("SixXS|tic://tic.sixxs.net|http://www.sixxs.net|be de ee fi gb ie it nl pl pt si se us"); + + /* Warn the user of the missing global tb's */ + fprintf(stderr, "Warning: Couldn't find global Tunnel Brokers List, please check your DNS settings and read the FAQ.\n"); + } + + return 1; +} /* * AICCU! - Aka... let's get connected ;) * returns a TIC_Tunnel which can then be * used for configuring and keeping it running */ -struct TIC_Tunnel *get_tunnel() +struct TIC_Tunnel *get_tunnel(void); +struct TIC_Tunnel *get_tunnel(void) { struct TIC_sTunnel *hsTunnel, *t; struct TIC_Tunnel *hTunnel; /* Login to the TIC Server */ - if (!tic_Login(g_aiccu->tic, g_aiccu->username, g_aiccu->password)) return false; + if (!tic_Login(g_aiccu->tic, g_aiccu->username, g_aiccu->password, g_aiccu->server)) return NULL; /* * Don't try to list the tunnels when @@ -78,18 +209,31 @@ A_NONE = 0, A_START, A_STOP, + A_BROKERS, + A_TUNNELS, A_TEST, A_AUTOTEST, - A_LICENSE + A_LICENSE, +#ifdef _WIN32 + A_LISTTAPS, +#endif + A_VERSION }; +const char *options = "aiccu (start|stop|brokers|tunnels|test|autotest|license|" +#ifdef _WIN32 + "listtaps|" +#endif + "version) []\n"; + int main(int argc, char *argv[]) { - enum AICCU_MODES mode = A_NONE; + enum AICCU_MODES mode = A_NONE; - struct TIC_Tunnel *hTunnel; + struct TIC_Tunnel *hTunnel; #ifdef _WIN32 - WSADATA wsadata; + WSADATA wsadata; + unsigned int i; /* Initialize Winsock so that we can do network functions */ WSAStartup(WINSOCK_VERSION, &wsadata); 
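Review bot: `gotrr` writes each TXT component straight to stdout with `printf("%s|", record)`, although the data comes from DNS answers for `_aiccu` (presumably resolved through the local search path) and `_aiccu.sixxs.net`. A component containing `|`, a newline or terminal control bytes can forge extra fields or whole broker entries in the list a user or front end picks a TIC server from, and the chosen server later receives the account's username and password through `tic_Login`. Unless `getrrs` already filters such bytes, which this hunk does not show, neutralise them at print time as sketched below. The fallback line printed when `foundsixxs` is false also lacks a trailing `\n`. The hunk runs on into `get_tunnel`, whose body lies partly outside it.

```c
void gotrr(unsigned int num, int type, const char *record)
{
	const unsigned char *p;

	/* ... unchanged: TXT/comment filter and record-number handling ... */

	/* Print the component; DNS data is untrusted, so neutralise bytes that could forge a field or a line */
	for (p = (const unsigned char *)record; *p; p++)
	{
		putchar((*p < 0x20 || *p == 0x7f || *p == '|') ? '?' : *p);
	}
	putchar('|');

	/* ... unchanged: SixXS check ... */
}
```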
@@ -106,9 +250,15 @@ { if (strcasecmp(argv[1], "start") == 0) mode = A_START; else if (strcasecmp(argv[1], "stop") == 0) mode = A_STOP; + else if (strcasecmp(argv[1], "brokers") == 0) mode = A_BROKERS; + else if (strcasecmp(argv[1], "tunnels") == 0) mode = A_TUNNELS; else if (strcasecmp(argv[1], "test") == 0) mode = A_TEST; else if (strcasecmp(argv[1], "autotest")== 0) mode = A_AUTOTEST; else if (strcasecmp(argv[1], "license") == 0) mode = A_LICENSE; +#ifdef _WIN32 + else if (strcasecmp(argv[1], "listtaps") == 0) mode = A_LISTTAPS; +#endif + else if (strcasecmp(argv[1], "version") == 0) mode = A_VERSION; } /* Optionally we want a second argument: a config file */ @@ -116,7 +266,7 @@ argc != 3) || mode == A_NONE) { - dolog(LOG_ERR, "aiccu (start|stop|test|autotest|license) []\n"); + dolog(LOG_ERR, "%s", options); return -1; } @@ -126,13 +276,39 @@ return 0; } + if ( mode == A_VERSION) + { + printf("AICCU %s by Jeroen Massar\n", AICCU_VERSION); + return 0; + } + +#ifdef _WIN32 + if ( mode == A_LISTTAPS) + { + tun_list_tap_adapters(); + return 0; + } +#endif + + if ( mode == A_BROKERS) + { + int ret = list_brokers(); + aiccu_FreeConfig(); + return ret == 0 ? -1 : 0; + } + + if (!aiccu_LoadConfig(argc <= 2 ? NULL : argv[2])) + { + return -1; + } + #ifndef _WIN32 /* start or stop? */ if ( mode != A_TEST && mode != A_AUTOTEST) { /* Already running? */ - if (sigrunning(mode == A_STOP ? SIGTERM : SIGHUP) == 1) + if (sigrunning(mode == A_STOP ? SIGTERM : 0) == 1) { dolog(LOG_ERR, "Already running instance HUP'ed, exiting\n"); return 0; 
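Review bot: In the hunk at -126,13, the call becomes `sigrunning(mode == A_STOP ? SIGTERM : 0)`, but the unchanged message under it still reads "Already running instance HUP'ed, exiting". Nothing is HUP'ed any more: signal 0 presumably only probes for a running instance, and in stop mode the instance receives SIGTERM. A message that matches both cases would be `dolog(LOG_ERR, "%s", mode == A_STOP ? "Running instance signalled to stop, exiting\n" : "AICCU is already running, exiting\n");`. Separately, the A_BROKERS branch calls `aiccu_FreeConfig()` before `aiccu_LoadConfig()` has run; whether that is safe depends on how aiccu_FreeConfig treats an unloaded configuration, which is not visible here. main starts and ends outside this hunk.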
@@ -140,22 +316,23 @@ } #endif - /* Load a configuration file */ - if (!aiccu_LoadConfig(argc == 2 ? AICCU_CONFIG : argv[2])) + /* Verify required parameters */ + if (!g_aiccu->username || !g_aiccu->password) { + dolog(LOG_ERR, "Required parameters missing, make sure that username and password are given\n"); + aiccu_FreeConfig(); return -1; } - /* Verify required parameters */ - if (!g_aiccu->username || !g_aiccu->password) + if (mode == A_TUNNELS) { - dolog(LOG_ERR, "Required parameters missing, make sure that username and password are given\n"); + int ret = list_tunnels(); aiccu_FreeConfig(); - return false; + return ret == 0 ? -1 : 0; } /* Get our tunnel */ - hTunnel = get_tunnel(g_aiccu->tic); + hTunnel = get_tunnel(); if (!hTunnel) { @@ -182,11 +359,43 @@ printf("Userstate : %s\n", hTunnel->sUserState); } + /* One can always try to stop it */ + if (mode == A_STOP) + { + aiccu_delete(hTunnel); + + /* Free stuff and exit */ + tic_Free_Tunnel(hTunnel); + aiccu_FreeConfig(); + return 0; + } + + if ( (strcmp(hTunnel->sAdminState, "enabled") != 0) || + (strcmp(hTunnel->sUserState, "enabled") != 0)) + { + dolog(LOG_ERR, "Tunnel is not enabled (UserState: %s, AdminState: %s)\n", hTunnel->sAdminState, hTunnel->sUserState); + return -1; + } + /* Do the test thing */ if ( mode == A_TEST || mode == A_AUTOTEST) { - aiccu_test(hTunnel, strcasecmp(argv[1], "autotest") == 0 ? true : false); +#ifdef _WIN32 + SetConsoleCtrlHandler((PHANDLER_ROUTINE)sigterm_testing, true); +#endif + /* Setup the tunnel */ + if (aiccu_setup(hTunnel, true)) + { + aiccu_test(hTunnel, strcasecmp(argv[1], "autotest") == 0 ? true : false); + + /* Tear the tunnel down again */ + aiccu_delete(hTunnel); + } + else + { + dolog(LOG_ERR, "Tunnel Setup Failed\n"); + } /* exit as all is done */ tic_Free_Tunnel(hTunnel); @@ -198,6 +407,8 @@ if ( mode == A_START && g_aiccu->daemonize != 0) { + FILE *f; + /* Daemonize */ int i = fork(); if (i < 0) 
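Review bot: In the hunk at -182,11, the "Tunnel is not enabled" message passes `hTunnel->sAdminState` for the `UserState:` slot and `hTunnel->sUserState` for the `AdminState:` slot, so the log shows the two states swapped. The arguments should read `hTunnel->sUserState, hTunnel->sAdminState`. The same branch returns -1 without the `tic_Free_Tunnel(hTunnel);` and `aiccu_FreeConfig();` calls that the A_STOP path in this hunk makes before returning; adding them keeps the exit paths consistent. main starts and ends outside this hunk.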
@@ -210,41 +421,82 @@ /* Child fork */ setsid(); + + /* Chdir to minimise disruption to FS umounts */ + (void)chdir("/"); + /* Cleanup stdin/out/err */ freopen("/dev/null","r",stdin); freopen("/dev/null","w",stdout); freopen("/dev/null","w",stderr); - savepid(); + /* */ + f = fopen(g_aiccu->pidfile, "w"); + if (!f) + { + dolog(LOG_ERR, "Could not store PID in file %s\n", g_aiccu->pidfile); + return 0; + } + + fprintf(f, "%d", getpid()); + fclose(f); + + dolog(LOG_INFO, "AICCU running as PID %d\n", getpid()); } #endif /* !_WIN32 */ - if (mode == A_STOP) - { - aiccu_delete(hTunnel); + /* mode == A_START */ - /* Free stuff and exit */ - tic_Free_Tunnel(hTunnel); - aiccu_FreeConfig(); - return 0; - } +#ifndef _WIN32 + /* + * Install a signal handler so that + * one can disable beating with SIGUSR1 + */ + signal(SIGUSR1, &sigusr1); - /* mode == A_START */ + /* + * Install a signal handler so that + * one can stop this program with SIGTERM + */ + signal(SIGTERM, &sigterm); + signal(SIGINT, &sigterm); +#else + SetConsoleCtrlHandler((PHANDLER_ROUTINE)sigterm, true); +#endif /* * Setup our tunnel * This also spawns required threads for AYIYA */ - aiccu_setup(hTunnel, true); - - /* We are spawned, now just beat once in a while. */ - while (strcmp(hTunnel->sType, "6in4-heartbeat") == 0) + if (aiccu_setup(hTunnel, true)) { - dolog(LOG_DEBUG, "Beat()\n"); - heartbeat_beat(hTunnel); - sleep(hTunnel->nHeartbeat_Interval); + /* We need to stay running when doing Heartbeat or AYIYA */ + if ( strcasecmp(hTunnel->sType, "6in4-heartbeat") == 0 || + strcasecmp(hTunnel->sType, "ayiya") == 0) + { + /* We are spawned, now just beat once in a while. 
*/ + while (g_aiccu->running) + { + aiccu_beat(hTunnel); +#ifndef _WIN32 + sleep(hTunnel->nHeartbeat_Interval); +#else + for (i=0; g_aiccu->running && i <= hTunnel->nHeartbeat_Interval; i++) Sleep(1000); +#endif + } + + /* Clean up the the tunnel, no beat anyway */ + aiccu_delete(hTunnel); + } + +#ifndef _WIN32 + /* Remove our PID file */ + if (g_aiccu) unlink(g_aiccu->pidfile); +#endif } + + /* Free our resources */ aiccu_FreeConfig(); return 0; diff -Nru /tmp/h6kCLsMZDY/aiccu-20050131/unix-console/Makefile /tmp/0dDlfsosXk/aiccu-20070115/unix-console/Makefile --- /tmp/h6kCLsMZDY/aiccu-20050131/unix-console/Makefile 2005-01-31 19:59:30.000000000 +0100 +++ /tmp/0dDlfsosXk/aiccu-20070115/unix-console/Makefile 2007-01-15 12:04:27.000000000 +0100 
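Review bot: The PID file is created with `fopen(g_aiccu->pidfile, "w")`, which follows symbolic links and truncates whatever the configured path resolves to. If the daemon runs with elevated privileges and the path lies in a directory other users can write to, a planted link lets the start-up overwrite an unrelated file. Opening the file with `O_NOFOLLOW` and an explicit mode, then wrapping the descriptor with `fdopen`, closes that gap; it needs an `int fd` next to the `FILE *f` declared in the earlier hunk. The failure branch also returns 0, so a daemon that could not record its PID still reports success; -1 would match the other error exits. By that point stderr already points at /dev/null, so the error message is lost if dolog writes there. The enclosing function starts outside this hunk.

```c
/* Store our PID; refuse to write through a symbolic link */
fd = open(g_aiccu->pidfile, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644);
f = (fd >= 0) ? fdopen(fd, "w") : NULL;
if (!f)
{
	if (fd >= 0) close(fd);
	dolog(LOG_ERR, "Could not store PID in file %s\n", g_aiccu->pidfile);
	return -1;
}
/* … unchanged: fprintf of getpid(), fclose, LOG_INFO message … */
```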
@@ -6,89 +6,150 @@ # unix-client/Makefile - Makefile for the UNIX client # *********************************************************** # $Author: jeroen $ -# $Id: Makefile,v 1.7 2005/01/31 18:59:30 jeroen Exp $ -# $Date: 2005/01/31 18:59:30 $ +# $Id: Makefile,v 1.32 2007-01-15 11:04:27 jeroen Exp $ +# $Date: 2007-01-15 11:04:27 $ # **********************************************************/ -SRCS = main.c ../common/aiccu.c ../common/hash_md5.c ../common/hash_sha1.c ../common/common.c ../common/heartbeat.c ../common/tic.c ../common/ayiya.c ../common/aiccu_test.c -INCS = ../common/aiccu.h ../common/hash_md5.h ../common/hash_sha1.h ../common/common.h ../common/heartbeat.h ../common/tic.h ../common/ayiya.h -OBJS = main.o ../common/aiccu.o ../common/hash_md5.o ../common/hash_sha1.o ../common/common.o ../common/heartbeat.o ../common/tic.o ../common/ayiya.o ../common/aiccu_test.o -CWARNS = -pedantic -W -Wall -Wshadow -Wcast-align +SRCS = main.c ../common/tun.c ../common/aiccu.c ../common/hash_md5.c ../common/hash_sha1.c ../common/common.c ../common/heartbeat.c ../common/tic.c ../common/ayiya.c ../common/aiccu_test.c ../common/resolver.c +INCS = ../common/tun.h ../common/aiccu.h ../common/hash_md5.h ../common/hash_sha1.h ../common/common.h ../common/heartbeat.h ../common/tic.h ../common/ayiya.h ../common/resolver.h +OBJS = main.o ../common/tun.o ../common/aiccu.o ../common/hash_md5.o ../common/hash_sha1.o ../common/common.o ../common/heartbeat.o ../common/tic.o ../common/ayiya.o ../common/aiccu_test.o ../common/resolver.o + +# New features not fully implemented and thus disabled for now +#CFLAGS += -D NEWSTUFF_TSP -D NEWSTUFF_TEEPEE +#SRCS += ../common/tsp.c ../common/teepee.c +#OBJS += ../common/tsp.o ../common/teepee.o +#INCS += ../common/tsp.h ../common/teepee.h + +# Our very *bliep* set of options to make sure that these things can't cause any issues +CWARNS += -W -Wall -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes 
-Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wnested-externs -Winline -Wbad-function-cast -fshort-enums -fstrict-aliasing -fno-common -Wpadded -pedantic -D_REENTRANT +# CWARNS += -Wpacked + #CFLAGS += $(CWARNS) -D_GNU_SOURCE -D_DEBUG -g3 -O0 -CFLAGS += $(CWARNS) -D_GNU_SOURCE -O3 -CC = gcc +CFLAGS += $(CWARNS) -D_GNU_SOURCE +CC = @gcc RM = rm +# Add -O3 when nothing is specified yet +ifeq ($(shell echo $(CFLAGS) | grep -c "\-O"),0) +CFLAGS += -O3 +endif + +# This is a console client CFLAGS += -D AICCU_CONSOLE +# GnuTLS Support ? +# Used by TIC to secure that communication +# Currently defaultly builds only on Linux, but other platforms might easily also support it +ifeq ($(shell uname | grep -c "Linux"),1) +CFLAGS += -D AICCU_GNUTLS +LDFLAGS += -lgnutls +endif + # Linux ifeq ($(shell uname | grep -c "Linux"),1) -CFLAGS += -D AICCU_TYPE="\"linux\"" -CWARNS += -Wpadded -Wpacked +CFLAGS += -D_LINUX -D HAS_IFHEAD -D AICCU_TYPE="\"linux\"" SRCS += ../common/aiccu_linux.c OBJS += ../common/aiccu_linux.o -LDFLAGS = -lpthread +LDFLAGS += -lpthread -lresolv endif -# FreeBSD 4 +# FreeBSD ifeq ($(shell uname | grep -c "FreeBSD"),1) +CFLAGS += -D_FREEBSD + # FreeBSD 4.x ifeq ($(shell uname -r | cut -c 1),4) -CFLAGS += -D AICCU_TYPE="\"freebsd4\"" +CFLAGS += -D AICCU_TYPE="\"freebsd4\"" SRCS += ../common/aiccu_freebsd4.c OBJS += ../common/aiccu_freebsd4.o -CFLAGS += -pthread -endif - -# FreeBSD 5.x -ifeq ($(shell uname -r | cut -c 1),5) -CFLAGS += -D AICCU_TYPE="\"kame\"" +else +# FreeBSD 5.x/6.x/7.x +CFLAGS += -D NEED_IFHEAD -D AICCU_TYPE="\"kame\"" SRCS += ../common/aiccu_kame.c OBJS += ../common/aiccu_kame.o -CFLAGS += -pthread endif endif +# DragonFlyBSD +ifeq ($(shell uname | grep -c "DragonFly"),1) +CFLAGS += -D_DFBSD -D NEED_IFHEAD -D AICCU_TYPE="\"dragonfly\"" +SRCS += ../common/aiccu_freebsd4.c +OBJS += ../common/aiccu_freebsd4.o +CFLAGS += -pthread +endif + # NetBSD ifeq ($(shell uname | grep -c "NetBSD"),1) -CFLAGS += -D AICCU_TYPE="\"kame\"" 
+CFLAGS += -D_NETBSD -D AICCU_TYPE="\"kame\"" + +# Check if net/if_tun.h has TUNSIFHEAD and enable support for it +ifneq ($(shell grep -c TUNSIFHEAD /usr/include/net/if_tun.h 2>/dev/null),1) +# Supports TUNSIFHEAD -> AYIYA/l2tp available +CFLAGS += -D NEED_IFHEAD +else +# Doesn't support TUNSIFHEAD -> No AYIYA/l2tp available +CFLAGS += -D NO_IFHEAD +endif + SRCS += ../common/aiccu_kame.c OBJS += ../common/aiccu_kame.o -CFLAGS += -pthread +CFLAGS += -pthread -D_NETBSD_SOURCE endif # OpenBSD ifeq ($(shell uname | grep -c "OpenBSD"),1) +CFLAGS += -D_OPENBSD -D HAS_IFHEAD # 2.7-2.9 ifeq ($(shell uname -r | cut -c 1),2) -CFLAGS += -D AICCU_TYPE="\"openbsd2\"" -SRCS += ../common/aiccu_openbsd2.c -OBJS += ../common/aiccu_openbsd2.o -endif -# 3.x -ifeq ($(shell uname -r | cut -c 1),3) -CFLAGS += -D AICCU_TYPE="\"openbsd\"" -SRCS += ../common/aiccu_openbsd.c -OBJS += ../common/aiccu_openbsd.o +CFLAGS += -D AICCU_TYPE="\"openbsd2\"" +SRCS += ../common/aiccu_openbsd2.c +OBJS += ../common/aiccu_openbsd2.o +else +# 3.x-4.x etc +CFLAGS += -D AICCU_TYPE="\"openbsd\"" +SRCS += ../common/aiccu_openbsd.c +OBJS += ../common/aiccu_openbsd.o endif - CFLAGS += -pthread +CFLAGS += -pthread endif # Darwin ifeq ($(shell uname | grep -c "Darwin"),1) -CFLAGS += -D AICCU_TYPE="\"darwin\"" +CFLAGS += -D_DARWIN -D NEED_IFHEAD -D AICCU_TYPE="\"darwin\"" SRCS += ../common/aiccu_darwin.c OBJS += ../common/aiccu_darwin.o -CFLAGS += -DDARWIN +LDFLAGS += -lresolv endif +# SunOS / Solaris +ifeq ($(shell uname | grep -c "SunOS"),1) +CFLAGS += -D_SUNOS -D AICCU_TYPE="\"sunos\"" +SRCS += ../common/aiccu_sunos.c +OBJS += ../common/aiccu_sunos.o +LDFLAGS += -lsocket -lnsl -lresolv +endif + +# AIX +ifeq ($(shell uname | grep -c "AIX"),1) +CC = @/usr/vac/bin/xlc_r +CFLAGS = -qthreaded -q64 -qlanglvl=stdc99 -bmaxdata:0xD0000000 -D_64BIT -g -qdbxextra -qfullpath -qheapdebug -qformat=all -qcheck=all +CFLAGS += -D AICCU_CONSOLE +CFLAGS += -D_AIX -D AICCU_TYPE="\"aix\"" +SRCS += ../common/aiccu_aix.c +OBJS += 
../common/aiccu_aix.o +LDFLAGS += -lpthread +endif + + all: aiccu -aiccu: $(OBJS) ${INCS} - $(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS); +aiccu: $(OBJS) ${SRCS} ${INCS} + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) ifeq ($(shell echo $(CFLAGS) | grep -c "DEBUG"),0) +ifeq ($(shell echo "$(RPM_OPT_FLAGS)" | wc -c),1) strip $@ endif +endif clean: $(RM) -f $(OBJS) aiccu
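Review bot: The NetBSD test `ifneq ($(shell grep -c TUNSIFHEAD /usr/include/net/if_tun.h 2>/dev/null),1)` appears inverted relative to its own comments. A header with exactly one matching line takes the `else` branch and gets `-D NO_IFHEAD`, while a header with no match, or a missing header, gets `-D NEED_IFHEAD`. Testing for presence instead of an exact count would match the comments, for example `ifeq ($(shell grep -q TUNSIFHEAD /usr/include/net/if_tun.h 2>/dev/null && echo yes),yes)`. Separately, the new link rule `$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS)` places the `-l` libraries before the objects, which can leave symbols unresolved with linkers that resolve libraries in command-line order. Keeping them after `$(OBJS)`, as the old rule did, avoids that.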