X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_packet.c;h=31c19b7a42a743b1022ad7fd9af6bb5a690ba16f;hb=b23bf132838156d2fe5a18d50a2b5e068ae18ec3;hp=1159231205f8bbbb25a22e091d83a15ac9db0846;hpb=57991e264202ad83e2c1b663777b358bf5573652;p=tinc diff --git a/src/net_packet.c b/src/net_packet.c index 11592312..31c19b7a 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -54,8 +54,7 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999 static void send_udppacket(node_t *, vpn_packet_t *); unsigned replaywin = 16; -bool localdiscovery = false; -sockaddr_t localdiscovery_address; +bool localdiscovery = true; #define MAX_SEQNO 1073741824 @@ -143,16 +142,15 @@ static void send_mtu_probe_handler(void *data) { memset(packet.data, 0, 14); randomize(packet.data + 14, len - 14); packet.len = len; - if(i >= 4 && n->mtuprobes <= 10) - packet.priority = -1; - else - packet.priority = 0; + packet.priority = 0; + n->status.send_locally = i >= 4 && n->mtuprobes <= 10 && n->prevedge; logger(DEBUG_TRAFFIC, LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname); send_udppacket(n, &packet); } + n->status.send_locally = false; n->probe_counter = 0; gettimeofday(&n->probe_time, NULL); @@ -362,7 +360,6 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { vpn_packet_t pkt1, pkt2; vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 }; int nextpkt = 0; - vpn_packet_t *outpkt = pkt[0]; size_t outlen; if(n->status.sptps) { @@ -379,7 +376,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { return; } - if(!cipher_active(n->incipher)) { + if(!n->status.validkey) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); return; } @@ -404,7 +401,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { /* Decrypt the packet */ if(cipher_active(n->incipher)) { - outpkt = pkt[nextpkt++]; + vpn_packet_t *outpkt = pkt[nextpkt++]; outlen = MAXSIZE; if(!cipher_decrypt(n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { @@ -461,7 +458,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { length_t origlen = inpkt->len; if(n->incompression) { - outpkt = pkt[nextpkt++]; + vpn_packet_t *outpkt = pkt[nextpkt++]; if((outpkt->len = uncompress_packet(outpkt->data, inpkt->data, inpkt->len, n->incompression)) < 0) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while uncompressing packet from %s (%s)", @@ -545,6 +542,18 @@ static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { return; } +static void adapt_socket(const sockaddr_t *sa, int *sock) { + /* Make sure we have a suitable socket for the chosen address */ + if(listen_socket[*sock].sa.sa.sa_family != sa->sa.sa_family) { + for(int i = 0; i < listen_sockets; i++) { + if(listen_socket[i].sa.sa.sa_family == sa->sa.sa_family) { + *sock = i; + break; + } + } + } +} + static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock) { /* Latest guess */ *sa = &n->address; @@ -583,54 +592,30 @@ static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock *sock = rand() % listen_sockets; } - /* Make sure we have a suitable socket for the chosen address */ - if(listen_socket[*sock].sa.sa.sa_family != (*sa)->sa.sa_family) { - for(int i = 0; i < listen_sockets; i++) { - if(listen_socket[i].sa.sa.sa_family == (*sa)->sa.sa_family) { - *sock = i; - break; - } - } - } + adapt_socket(*sa, sock); } -static void choose_broadcast_address(const node_t *n, const sockaddr_t **sa, int *sock) { - static sockaddr_t broadcast_ipv4 = { - .in = { - .sin_family = AF_INET, - .sin_addr.s_addr = -1, - } - }; - - static sockaddr_t broadcast_ipv6 = { - .in6 = { - .sin6_family = AF_INET6, - .sin6_addr.s6_addr[0x0] = 0xff, - .sin6_addr.s6_addr[0x1] = 0x02, - .sin6_addr.s6_addr[0xf] = 0x01, - } - }; +static void choose_local_address(const node_t *n, const sockaddr_t **sa, int *sock) { + *sa = NULL; - *sock = rand() % listen_sockets; + /* Pick one of the edges from this node at random, then use its local address. */ - if(listen_socket[*sock].sa.sa.sa_family == AF_INET6) { - if(localdiscovery_address.sa.sa_family == AF_INET6) { - localdiscovery_address.in6.sin6_port = n->prevedge->address.in.sin_port; - *sa = &localdiscovery_address; - } else { - broadcast_ipv6.in6.sin6_port = n->prevedge->address.in.sin_port; - broadcast_ipv6.in6.sin6_scope_id = listen_socket[*sock].sa.in6.sin6_scope_id; - *sa = &broadcast_ipv6; - } - } else { - if(localdiscovery_address.sa.sa_family == AF_INET) { - localdiscovery_address.in.sin_port = n->prevedge->address.in.sin_port; - *sa = &localdiscovery_address; - } else { - broadcast_ipv4.in.sin_port = n->prevedge->address.in.sin_port; - *sa = &broadcast_ipv4; + int i = 0; + int j = rand() % n->edge_tree->count; + edge_t *candidate = NULL; + + for splay_each(edge_t, e, n->edge_tree) { + if(i++ == j) { + candidate = e; + break; } } + + if (candidate && candidate->local_address.sa.sa_family) { + *sa = &candidate->local_address; + *sock = rand() % listen_sockets; + adapt_socket(*sa, sock); + } } static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { @@ -731,14 +716,12 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Send the packet */ - const sockaddr_t *sa; + const sockaddr_t *sa = NULL; int sock; - /* Overloaded use of priority field: -1 means local broadcast */ - - if(origpriority == -1 && n->prevedge) - choose_broadcast_address(n, &sa, &sock); - else + if(n->status.send_locally) + choose_local_address(n, &sa, &sock); + if(!sa) choose_udp_address(n, &sa, &sock); #if defined(SOL_IP) && defined(IP_TOS) @@ -747,7 +730,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { priority = origpriority; logger(DEBUG_TRAFFIC, LOG_DEBUG, "Setting outgoing packet priority to %d", priority); if(setsockopt(listen_socket[n->sock].udp.fd, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ - logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setsockopt", sockstrerror(sockerrno)); } #endif @@ -770,7 +753,7 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { /* Send it via TCP if it is a handshake packet, TCPOnly is in use, or this packet is larger than the MTU. */ - if(type >= SPTPS_HANDSHAKE || ((myself->options | to->options) & OPTION_TCPONLY) || (type != PKT_PROBE && len > to->minmtu)) { + if(type >= SPTPS_HANDSHAKE || ((myself->options | to->options) & OPTION_TCPONLY) || (type != PKT_PROBE && (len - SPTPS_DATAGRAM_OVERHEAD) > to->minmtu)) { char buf[len * 4 / 3 + 5]; b64encode(data, buf, len); /* If no valid key is known yet, send the packets using ANS_KEY requests, @@ -785,13 +768,18 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { /* Otherwise, send the packet via UDP */ - const sockaddr_t *sa; + const sockaddr_t *sa = NULL; int sock; - choose_udp_address(to, &sa, &sock); + if(to->status.send_locally) + choose_local_address(to, &sa, &sock); + if(!sa) + choose_udp_address(to, &sa, &sock); if(sendto(listen_socket[sock].udp.fd, data, len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { if(sockmsgsize(sockerrno)) { + // Compensate for SPTPS overhead + len -= SPTPS_DATAGRAM_OVERHEAD; if(to->maxmtu >= len) to->maxmtu = len - 1; if(to->mtu >= len) @@ -948,7 +936,7 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet) { // usually distributes the sending of broadcast packets over all nodes. case BMODE_MST: for list_each(connection_t, c, connection_list) - if(c->status.active && c->status.mst && c != from->nexthop->connection) + if(c->edge && c->status.mst && c != from->nexthop->connection) send_packet(c->node, packet); break;