along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.128 2001/08/17 18:14:03 guus Exp $
+ $Id: net.c,v 1.35.4.136 2001/10/08 13:37:30 guus Exp $
*/
#include "config.h"
int total_socket_in = 0;
int total_socket_out = 0;
-config_t *upstreamcfg;
int seconds_till_retry = 5;
int keylifetime = 0;
*/
void send_packet(connection_t *cl, vpn_packet_t *packet)
{
+ connection_t *via;
cp
if(debug_lvl >= DEBUG_TRAFFIC)
syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
return;
}
- /* Check if it has to go via TCP or UDP... */
-cp
- if((cl->options | myself->options) & OPTION_TCPONLY)
+ if(cl->via == myself)
+ via = cl->nexthop;
+ else
+ via = cl->via;
+
+ if(via != cl && debug_lvl >= DEBUG_TRAFFIC)
+ syslog(LOG_ERR, _("Sending packet to %s via %s (%s)"),
+ cl->name, via->name, via->hostname);
+
+ if((myself->options | via->options) & OPTION_TCPONLY)
{
- if(send_tcppacket(cl, packet))
- terminate_connection(cl, 1);
+ if(send_tcppacket(via, packet))
+ terminate_connection(via, 1);
}
else
- send_udppacket(cl, packet);
+ send_udppacket(via, packet);
}
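Review bot: `via` is dereferenced at `via->name` and `via->options` with no NULL check, and the only assignment of the `via`/`nexthop` fields visible in this patch is for `myself`. If a connection_t can reach send_packet before those fields are populated (not visible here, so this needs confirming), a packet routed to that peer crashes the daemon. A guard directly after the selection would make the failure explicit: `if(!via) { syslog(LOG_ERR, _("No route to %s"), cl->name); return; }`. Part of send_packet's body is elided from this hunk.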
/* Broadcast a packet to all active direct connections */
cp
if (!ioctl(tap_fd, TUNSETIFF, (void *) &ifr))
{
- syslog(LOG_INFO, _("%s is a tun/tap device"), tapfname);
+ syslog(LOG_INFO, _("%s is a Linux tun/tap device"), tapfname);
taptype = TAP_TYPE_TUNTAP;
}
else
+ if (!ioctl(tap_fd, (('T'<< 8) | 202), (void *) &ifr))
+ {
+ syslog(LOG_INFO, _("%s is a Linux tun/tap device"), tapfname);
+ syslog(LOG_WARNING, _("Old ioctl() request used"));
+ taptype = TAP_TYPE_TUNTAP;
+ }
+ else
#endif
- {
- syslog(LOG_INFO, _("%s is an ethertap device"), tapfname);
- taptype = TAP_TYPE_ETHERTAP;
- }
+ {
+ syslog(LOG_INFO, _("%s is a Linux ethertap device"), tapfname);
+ taptype = TAP_TYPE_ETHERTAP;
+ }
#endif
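Review bot: The fallback request `(('T'<< 8) | 202)` is an unexplained magic number passed straight to ioctl(); the only hint at its meaning is the "Old ioctl() request used" warning below it. Give it a name and a comment, e.g. `#define OLD_TUNSETIFF (('T' << 8) | 202) /* TUNSETIFF encoding used by older tun/tap drivers */`, so a reader can check it against the kernel headers. The added `else` also dangles across an `#endif`, so the ethertap block binds to a different `if` depending on which macros are defined; a short comment on each `#endif` naming its condition would help. The surrounding function starts and ends outside the hunk.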
#ifdef HAVE_FREEBSD
- syslog(LOG_INFO, _("%s is a tun/tap device"), tapfname);
+ syslog(LOG_INFO, _("%s is a FreeBSD tap device"), tapfname);
taptype = TAP_TYPE_TUNTAP;
#endif
#ifdef HAVE_SOLARIS
return -1;
}
- syslog(LOG_INFO, _("%s is a tun/tap device"), tapfname);
+ syslog(LOG_INFO, _("%s is a Solaris tun device"), tapfname);
#endif
cp
if((old = lookup_id(name)))
{
- if(debug_lvl >= DEBUG_CONNECTIONS)
- syslog(LOG_NOTICE, _("We are already connected to %s."), name);
- old->status.outgoing = 1;
+ if(!old->status.outgoing)
+ {
+ if(debug_lvl >= DEBUG_CONNECTIONS)
+ syslog(LOG_NOTICE, _("We are already connected to %s."), name);
+
+ old->status.outgoing = 1;
+ }
return 0;
}
cp
/* Done */
+ myself->nexthop = myself;
+ myself->prevhop = myself;
+ myself->via = myself;
myself->status.active = 1;
id_add(myself);
return 0;
}
+void randomized_alarm(int seconds)
+{
+ unsigned char r;
+ RAND_pseudo_bytes(&r, 1);
+ alarm((seconds * (int)r) / 128 + 1);
+}
+
RETSIGTYPE
-sigalrm_handler(int a)
+try_outgoing_connections(int a)
{
config_t const *cfg;
+ int retry = 0;
cp
- cfg = get_config_val(upstreamcfg, config_connectto);
+ cfg = get_config_val(config, config_connectto);
- if(!cfg)
+ while(cfg)
{
- if(upstreamcfg == config)
- {
- /* No upstream IP given, we're listen only. */
- signal(SIGALRM, SIG_IGN);
- return;
- }
+ if(setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */
+ retry = 1;
+ cfg = get_config_val(cfg->next, config_connectto); /* Or else we try the next ConnectTo line */
}
- else
+
+ if(retry)
{
- /* We previously tried all the ConnectTo lines. Now wrap back to the first. */
- cfg = get_config_val(config, config_connectto);
+ seconds_till_retry += 5;
+ if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */
+ seconds_till_retry = MAXTIMEOUT;
+
+ syslog(LOG_ERR, _("Failed to setup all outgoing connections, will retry in %d seconds"),
+ seconds_till_retry);
+
+ /* Randomize timeout to avoid global synchronisation effects */
+ randomized_alarm(seconds_till_retry);
}
-
- while(cfg)
+ else
{
- upstreamcfg = cfg->next;
- if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */
- {
- signal(SIGALRM, SIG_IGN);
- return;
- }
- cfg = get_config_val(upstreamcfg, config_connectto); /* Or else we try the next ConnectTo line */
+ seconds_till_retry = 5;
}
-
- signal(SIGALRM, sigalrm_handler);
- upstreamcfg = config;
- seconds_till_retry += 5;
- if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */
- seconds_till_retry = MAXTIMEOUT;
- syslog(LOG_ERR, _("Still failed to connect to other, will retry in %d seconds"),
- seconds_till_retry);
- alarm(seconds_till_retry);
cp
}
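Review bot: try_outgoing_connections no longer re-installs itself before re-arming the timer: the removed code called `signal(SIGALRM, sigalrm_handler)` ahead of `alarm()`, whereas the retry branch now goes straight to `randomized_alarm(seconds_till_retry)`. On platforms where signal() resets the disposition to the default after delivery (System V semantics; the file has a HAVE_SOLARIS branch), the next SIGALRM would terminate the daemon instead of retrying. Add `signal(SIGALRM, try_outgoing_connections);` before the `randomized_alarm()` call, or install the handler once with sigaction(). Separately, randomized_alarm ignores the return value of RAND_pseudo_bytes, so `r` may be read uninitialised if the call fails; `unsigned char r = 128;` keeps the delay defined.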
if(setup_myself() < 0)
return -1;
- if(!(cfg = get_config_val(config, config_connectto)))
- /* No upstream IP given, we're listen only. */
- return 0;
-
- while(cfg)
- {
- upstreamcfg = cfg->next;
- if(!setup_outgoing_connection(cfg->data.ptr)) /* function returns 0 when there are no problems */
- return 0;
- cfg = get_config_val(upstreamcfg, config_connectto); /* Or else we try the next ConnectTo line */
- }
-
- if(do_detach)
- {
- signal(SIGALRM, sigalrm_handler);
- upstreamcfg = config;
- seconds_till_retry = MAXTIMEOUT;
- syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry);
- alarm(seconds_till_retry);
- }
- else
- return -1;
-
+ signal(SIGALRM, try_outgoing_connections);
+ alarm(5);
cp
return 0;
}
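Review bot: With `signal(SIGALRM, try_outgoing_connections);` followed by `alarm(5);`, every outgoing connection attempt, including the first, now runs in signal-handler context. The handler in this patch calls syslog() and setup_outgoing_connection(), and syslog() is not async-signal-safe. If SIGALRM arrives while the main loop is inside the same library code, the process can deadlock or corrupt its state. Consider having the handler only set a flag, e.g. `static volatile sig_atomic_t retry_outgoing;`, and calling the connection routine from the main loop when the flag is set. The enclosing function starts outside this hunk.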
if(cl->status.outgoing)
{
cl->status.outgoing = 0;
- signal(SIGALRM, sigalrm_handler);
+ signal(SIGALRM, try_outgoing_connections);
alarm(seconds_till_retry);
syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry);
}
void check_dead_connections(void)
{
time_t now;
- avl_node_t *node;
+ avl_node_t *node, *next;
connection_t *cl;
cp
now = time(NULL);
- for(node = connection_tree->head; node; node = node->next)
+ for(node = connection_tree->head; node; node = next)
{
+ next = node->next;
cl = (connection_t *)node->data;
- if(cl->status.active)
+ if(cl->last_ping_time + timeout < now)
{
- if(cl->last_ping_time + timeout < now)
+ if(cl->status.active)
{
if(cl->status.pinged)
{
send_ping(cl);
}
}
+ else
+ {
+ if(debug_lvl >= DEBUG_CONNECTIONS)
+ syslog(LOG_WARNING, _("Timeout from %s (%s) during authentication"),
+ cl->name, cl->hostname);
+ terminate_connection(cl, 0);
+ }
}
}
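Review bot: The new `else` branch terminates any non-active connection once `last_ping_time + timeout` has passed, so it depends on `last_ping_time` being set when the connection is created. That initialisation is not in this hunk and should be confirmed; otherwise a peer that is still authenticating is dropped on the first sweep. The timeout is also logged only at `DEBUG_CONNECTIONS`, so at default verbosity repeated stalled handshakes leave no trace; consider logging it unconditionally. The `next = node->next;` line deserves a comment such as `/* terminate_connection() may remove this node from connection_tree */`, which is presumably why the successor is saved. check_dead_connections continues past the end of the hunk.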
cp
if(FD_ISSET(p->meta_socket, f))
if(receive_meta(p) < 0)
{
- terminate_connection(p, p->status.meta);
+ terminate_connection(p, p->status.active);
return;
}
}