X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet.c;h=dffe0b472c36694053d0bc611efc6969ba368258;hb=bf81fce8ff7a244ecdfbe2d5535bdf4df07b3f35;hp=097a79c0a42747c24f4bea1fed1b12f047a7b7b7;hpb=f6e87ab476a0faf8b124ecaaa27f967d825e6457;p=tinc
diff --git a/src/net.c b/src/net.c
index 097a79c0..dffe0b47 100644
--- a/src/net.c
+++ b/src/net.c
@@ -1,7 +1,7 @@
 /*
 net.c -- most of the network code
 Copyright (C) 1998-2005 Ivo Timmermans,
- 2000-2017 Guus Sliepen
+ 2000-2021 Guus Sliepen
 2006 Scott Lamb
 2011 Loïc Grenié
@@ -23,19 +23,17 @@
 #include "system.h"
 #include "autoconnect.h"
+#include "conf_net.h"
 #include "conf.h"
 #include "connection.h"
-#include "device.h"
 #include "graph.h"
 #include "logger.h"
 #include "meta.h"
 #include "names.h"
 #include "net.h"
-#include "netutl.h"
 #include "protocol.h"
 #include "subnet.h"
 #include "utils.h"
-#include "xalloc.h"
 int contradicting_add_edge = 0;
 int contradicting_del_edge = 0;
@@ -92,6 +90,22 @@ void purge(void) {
 }
 }
+/* Put a misbehaving connection in the tarpit */
+void tarpit(int fd) {
+ static int pits[10] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
+ static unsigned int next_pit = 0;
+
+ if(pits[next_pit] != -1) {
+ closesocket(pits[next_pit]);
+ }
+
+ pits[next_pit++] = fd;
+
+ if(next_pit >= sizeof pits / sizeof pits[0]) {
+ next_pit = 0;
+ }
+}
+
 /*
 Terminate a connection:
 - Mark it as inactive
@@ -195,7 +209,7 @@ static void timeout_handler(void *data) {
 last_periodic_run_time = now;
- for list_each(connection_t, c, connection_list) {
+ for list_each(connection_t, c, &connection_list) {
 // control connections (eg. tinc ctl) do not have any timeout
 if(c->status.control) {
 continue;
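Review bot: tarpit() (hunk -92,6 +90,22) takes ownership of `fd` and closes it only when its slot is reused, but the one-line comment does not say so, and the ring size `10` is an unnamed literal. Because a slot is recycled as soon as ten newer sockets have been parked, the time a misbehaving peer is actually held depends directly on that size, so it deserves a named constant and a sentence on the trade-off. I would extend the comment to something like `/* Park the socket of a misbehaving peer; tarpit() owns fd from here on and closes it when its slot is reused, so the caller must not close it. */`. Whether callers unregister the socket from the event loop before handing it over is not visible in this hunk and is worth confirming.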
@@ -218,6 +232,7 @@ static void timeout_handler(void *data) {
 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout while connecting to %s (%s)", c->name, c->hostname);
 } else {
 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname);
+ c->status.tarpit = true;
 }
 terminate_connection(c, c->edge);
@@ -285,6 +300,10 @@ static void periodic_handler(void *data) {
 void handle_meta_connection_data(connection_t *c) {
 if(!receive_meta(c)) {
+ if(!c->status.control) {
+ c->status.tarpit = true;
+ }
+
 terminate_connection(c, c->edge);
 return;
 }
@@ -319,7 +338,7 @@ int reload_configuration(void) {
 exit_configuration(&config_tree);
 init_configuration(&config_tree);
- if(!read_server_config()) {
+ if(!read_server_config(config_tree)) {
 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file.");
 return EINVAL;
 }
@@ -327,7 +346,7 @@ int reload_configuration(void) {
 read_config_options(config_tree, NULL);
 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, myself->name);
- read_config_file(config_tree, fname);
+ read_config_file(config_tree, fname, true);
 /* Parse some options that are allowed to be changed while tinc is running */
@@ -383,20 +402,18 @@ int reload_configuration(void) {
 while(cfg) {
 subnet_t *subnet, *s2;
- if(!get_config_subnet(cfg, &subnet)) {
- continue;
- }
+ if(get_config_subnet(cfg, &subnet)) {
+ if((s2 = lookup_subnet(myself, subnet))) {
+ if(s2->expires == 1) {
+ s2->expires = 0;
+ }
- if((s2 = lookup_subnet(myself, subnet))) {
- if(s2->expires == 1) {
- s2->expires = 0;
+ free_subnet(subnet);
+ } else {
+ subnet_add(myself, subnet);
+ send_add_subnet(everyone, subnet);
+ subnet_update(myself, subnet, true);
 }
-
- free_subnet(subnet);
- } else {
- subnet_add(myself, subnet);
- send_add_subnet(everyone, subnet);
- subnet_update(myself, subnet, true);
 }
 cfg = lookup_config_next(config_tree, cfg);
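Review bot: In handle_meta_connection_data() (hunk -285,6 +300,10) every non-control connection whose receive_meta() fails is flagged for the tarpit, which appears to include authenticated peers that simply disconnected or hit a transient read error. receive_meta() is not shown here, so this is inferred, but if it holds, ordinary connection churn would consume tarpit slots and push out the sockets of peers that actually misbehaved. Consider limiting the flag to connections that have not finished authenticating, e.g. `if(!c->status.control && !c->edge) {` if `c->edge` is only set after a successful handshake, and add a comment naming which failures are meant to be tarpitted. The timeout_handler hunk above (-218,6 +232,7) already restricts the flag to the authentication-timeout branch.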
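Review bot: In the restructured loop of reload_configuration() (hunk -383,20 +402,18) a subnet entry that get_config_subnet() rejects is still dropped without any trace at this call site, even though the loop now advances past it via `cfg = lookup_config_next(config_tree, cfg);`. Unless get_config_subnet() logs on its own, which is not visible here, add an `else` branch that reports the skipped entry, e.g. `logger(DEBUG_ALWAYS, LOG_ERR, "Ignoring unparsable subnet for %s", myself->name);`, so that a reload which silently loses a route can be diagnosed. The function body starts and ends outside the hunk.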
@@ -417,7 +434,7 @@ int reload_configuration(void) {
 /* Close connections to hosts that have a changed or deleted host config file */
- for list_each(connection_t, c, connection_list) {
+ for list_each(connection_t, c, &connection_list) {
 if(c->status.control) {
 continue;
 }
@@ -438,7 +455,7 @@ int reload_configuration(void) {
 void retry(void) {
 /* Reset the reconnection timers for all outgoing connections */
- for list_each(outgoing_t, outgoing, outgoing_list) {
+ for list_each(outgoing_t, outgoing, &outgoing_list) {
 outgoing->timeout = 0;
 if(outgoing->ev.cb)
@@ -448,7 +465,7 @@ void retry(void) {
 }
 /* Check for outgoing connections that are in progress, and reset their ping timers */
- for list_each(connection_t, c, connection_list) {
+ for list_each(connection_t, c, &connection_list) {
 if(c->outgoing && !c->node) {
 c->last_ping_time = 0;
 }