int seconds_till_retry = 5;
int udp_rcvbuf = 0;
int udp_sndbuf = 0;
+int max_connection_burst = 100;
listen_socket_t listen_socket[MAXSOCKETS];
int listen_sockets;
void finish_connecting(connection_t *c) {
logger(DEBUG_CONNECTIONS, LOG_INFO, "Connected to %s (%s)", c->name, c->hostname);
- if(proxytype != PROXY_EXEC)
- configure_tcp(c);
-
- c->last_ping_time = time(NULL);
+ c->last_ping_time = now.tv_sec;
c->status.connecting = false;
send_id(c);
}
static void handle_meta_write(connection_t *c) {
+ if(c->outbuf.len <= c->outbuf.offset)
+ return;
+
ssize_t outlen = send(c->socket, c->outbuf.data + c->outbuf.offset, c->outbuf.len - c->outbuf.offset, 0);
if(outlen <= 0) {
if(!errno || errno == EPIPE) {
int result;
socklen_t len = sizeof result;
- getsockopt(c->socket, SOL_SOCKET, SO_ERROR, &result, &len);
+ getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&result, &len);
if(!result)
finish_connecting(c);
}
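Review bot: The return value of `getsockopt()` is discarded and `result` is declared without an initializer, so if the call fails `if(!result)` reads an indeterminate value and may call `finish_connecting(c)` on a socket that never connected. Checking the call as well, e.g. `if(!getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&result, &len) && !result)`, closes that gap. The enclosing function starts outside the hunk and the failure path is not visible here, so confirm that it does not rely on `result` being set.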
logger(DEBUG_CONNECTIONS, LOG_INFO, "Using proxy at %s port %s", proxyhost, proxyport);
c->socket = socket(proxyai->ai_family, SOCK_STREAM, IPPROTO_TCP);
+ configure_tcp(c);
}
if(c->socket == -1) {
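Review bot: The added `configure_tcp(c);` runs before the `if(c->socket == -1)` check that follows, so a failed `socket()` call hands an invalid descriptor to `configure_tcp()`. Its body is not visible here, but it presumably sets socket options, which would fail and could log misleading errors ahead of the real one. Guarding the call with `if(c->socket != -1) configure_tcp(c);`, or moving it after the check, avoids that. The enclosing function starts and ends outside the hunk.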
c->outdigest = myself->connection->outdigest;
c->outmaclength = myself->connection->outmaclength;
c->outcompression = myself->connection->outcompression;
- c->last_ping_time = time(NULL);
+ c->last_ping_time = now.tv_sec;
connection_add(c);
sockaddrunmap(&sa);
+ // Check if we get many connections from the same host
+
+ static sockaddr_t prev_sa;
+ static time_t prev_time;
+ static int tarpit = -1;
+
+ if(tarpit >= 0) {
+ closesocket(tarpit);
+ tarpit = -1;
+ }
+
+ if(prev_time == now.tv_sec && !sockaddrcmp_noport(&sa, &prev_sa)) {
+ // if so, keep the connection open but ignore it completely.
+ tarpit = fd;
+ return;
+ }
+
+ memcpy(&prev_sa, &sa, sizeof sa);
+ prev_time = now.tv_sec;
+
+ // Check if we get many connections from different hosts
+
+ static int connection_burst;
+ static int connection_burst_time;
+
+ if(now.tv_sec - connection_burst_time > connection_burst)
+ connection_burst = 0;
+ else
+ connection_burst -= now.tv_sec - connection_burst_time;
+
+ connection_burst_time = now.tv_sec;
+ connection_burst++;
+
+ if(connection_burst >= max_connection_burst) {
+ connection_burst = max_connection_burst;
+ tarpit = fd;
+ return;
+ }
+
+ // Accept the new connection
+
c = new_connection();
c->name = xstrdup("<unknown>");
c->outcipher = myself->connection->outcipher;
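Review bot: `connection_burst_time` is declared `static int` but stores `now.tv_sec`, and if `now` ever steps backward the difference `now.tv_sec - connection_burst_time` is negative, so the `else` branch adds to `connection_burst` instead of draining it. Declaring it `static time_t connection_burst_time;` (as `prev_time` already is) and treating a negative difference as zero would keep a clock adjustment from tarpitting legitimate peers; whether `now` is monotonic is not visible here. Both tarpit branches also return without logging, so an operator cannot tell that the limiter is engaging; a line such as `logger(DEBUG_CONNECTIONS, LOG_WARNING, "Throttling incoming connections");` before each `return` would make that visible. If `max_connection_burst` is configurable, a value of 0 or less makes `connection_burst >= max_connection_burst` always true, so the option parser should reject it. The enclosing function starts and ends outside the hunk.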
c->address = sa;
c->hostname = sockaddr2hostname(&sa);
c->socket = fd;
- c->last_ping_time = time(NULL);
+ c->last_ping_time = now.tv_sec;
logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection from %s", c->hostname);
c->address = sa;
c->hostname = xstrdup("localhost port unix");
c->socket = fd;
- c->last_ping_time = time(NULL);
+ c->last_ping_time = now.tv_sec;
logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Connection from %s", c->hostname);
}
if(!found) {
- outgoing_t *outgoing = xmalloc_and_zero(sizeof *outgoing);
+ outgoing_t *outgoing = xzalloc(sizeof *outgoing);
outgoing->name = name;
list_insert_tail(outgoing_list, outgoing);
setup_outgoing_connection(outgoing);