2 net.c -- most of the network code
3 Copyright (C) 1998-2005 Ivo Timmermans,
4 2000-2021 Guus Sliepen <guus@tinc-vpn.org>
5 2006 Scott Lamb <slamb@slamb.org>
6 2011 Loïc Grenié <loic.grenie@gmail.com>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "autoconnect.h"
28 #include "connection.h"
38 int contradicting_add_edge = 0;
39 int contradicting_del_edge = 0;
40 static int sleeptime = 10;
41 time_t last_config_check = 0;
42 static timeout_t pingtimer;
43 static timeout_t periodictimer;
44 static struct timeval last_periodic_run_time;
46 /* Purge edges and subnets of unreachable nodes. Use carefully. */
49 logger(DEBUG_PROTOCOL, LOG_DEBUG, "Purging unreachable nodes");
51 /* Remove all edges and subnets owned by unreachable nodes. */
53 for splay_each(node_t, n, node_tree) {
54 if(!n->status.reachable) {
55 logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Purging node %s (%s)", n->name, n->hostname);
57 for splay_each(subnet_t, s, n->subnet_tree) {
58 send_del_subnet(everyone, s);
65 for splay_each(edge_t, e, n->edge_tree) {
67 send_del_edge(everyone, e);
75 /* Check if anyone else claims to have an edge to an unreachable node. If not, delete node. */
77 for splay_each(node_t, n, node_tree) {
78 if(!n->status.reachable) {
79 for splay_each(edge_t, e, edge_weight_tree)
84 if(!autoconnect && (!strictsubnets || !n->subnet_tree->head))
85 /* in strictsubnets mode do not delete nodes with subnets */
93 /* Put a misbehaving connection in the tarpit */
95 static int pits[10] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
96 static unsigned int next_pit = 0;
98 if(pits[next_pit] != -1) {
99 closesocket(pits[next_pit]);
102 pits[next_pit++] = fd;
104 if(next_pit >= sizeof pits / sizeof pits[0]) {
110 Terminate a connection:
111 - Mark it as inactive
112 - Remove the edge representing this connection
114 - Check if we need to retry making an outgoing connection
116 void terminate_connection(connection_t *c, bool report) {
117 logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Closing connection with %s (%s)", c->name, c->hostname);
120 if(c->node->connection == c) {
121 c->node->connection = NULL;
125 if(report && !tunnelserver) {
126 send_del_edge(everyone, c->edge);
132 /* Run MST and SSSP algorithms */
136 /* If the node is not reachable anymore but we remember it had an edge to us, clean it up */
138 if(report && !c->node->status.reachable) {
140 e = lookup_edge(c->node, myself);
144 send_del_edge(everyone, e);
153 outgoing_t *outgoing = c->outgoing;
156 /* Check if this was our outgoing connection */
159 do_outgoing_connection(outgoing);
163 /* Clean up dead proxy processes */
165 while(waitpid(-1, NULL, WNOHANG) > 0);
171 Check if the other end is active.
172 If we have sent packets, but didn't receive any,
173 then possibly the other end is dead. We send a
174 PING request over the meta connection. If the other
175 end does not reply in time, we consider them dead
176 and close the connection.
178 static void timeout_handler(void *data) {
180 bool close_all_connections = false;
183 timeout_handler will start after 30 seconds from start of tincd
184 hold information about the elapsed time since last time the handler
187 long sleep_time = now.tv_sec - last_periodic_run_time.tv_sec;
190 It seems that finding sane default value is harder than expected
191 Since we send every second a UDP packet to make holepunching work
192 And default UDP state expire on firewalls is between 15-30 seconds
193 we drop all connections after 60 Seconds - UDPDiscoveryTimeout=30
196 if(sleep_time > 2 * udp_discovery_timeout) {
197 logger(DEBUG_ALWAYS, LOG_ERR, "Awaking from dead after %ld seconds of sleep", sleep_time);
199 Do not send any packets to tinc after we wake up.
200 The other node probably closed our connection but we still
201 are holding context information to them. This may happen on
202 laptops or any other hardware which can be suspended for some time.
203 Sending any data to node that wasn't expecting it will produce
204 annoying and misleading errors on the other side about failed signature
205 verification and or about missing sptps context
207 close_all_connections = true;
210 last_periodic_run_time = now;
212 for list_each(connection_t, c, &connection_list) {
213 // control connections (eg. tinc ctl) do not have any timeout
214 if(c->status.control) {
218 if(close_all_connections) {
219 logger(DEBUG_ALWAYS, LOG_ERR, "Forcing connection close after sleep time %s (%s)", c->name, c->hostname);
220 terminate_connection(c, c->edge);
224 // Bail out early if we haven't reached the ping timeout for this node yet
225 if(c->last_ping_time + pingtimeout > now.tv_sec) {
229 // timeout during connection establishing
231 if(c->status.connecting) {
232 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout while connecting to %s (%s)", c->name, c->hostname);
234 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname);
235 c->status.tarpit = true;
238 terminate_connection(c, c->edge);
242 // helps in UDP holepunching
243 try_tx(c->node, false);
245 // timeout during ping
246 if(c->status.pinged) {
247 logger(DEBUG_CONNECTIONS, LOG_INFO, "%s (%s) didn't respond to PING in %ld seconds", c->name, c->hostname, (long)(now.tv_sec - c->last_ping_time));
248 terminate_connection(c, c->edge);
252 // check whether we need to send a new ping
253 if(c->last_ping_time + pinginterval <= now.tv_sec) {
258 timeout_set(data, &(struct timeval) {
263 static void periodic_handler(void *data) {
264 /* Check if there are too many contradicting ADD_EDGE and DEL_EDGE messages.
265 This usually only happens when another node has the same Name as this node.
266 If so, sleep for a short while to prevent a storm of contradicting messages.
269 if(contradicting_del_edge > 100 && contradicting_add_edge > 100) {
270 logger(DEBUG_ALWAYS, LOG_WARNING, "Possible node with same Name as us! Sleeping %d seconds.", sleeptime);
271 nanosleep(&(struct timespec) {
287 contradicting_add_edge = 0;
288 contradicting_del_edge = 0;
290 /* If AutoConnect is set, check if we need to make or break connections. */
292 if(autoconnect && node_tree->count > 1) {
296 timeout_set(data, &(struct timeval) {
301 void handle_meta_connection_data(connection_t *c) {
302 if(!receive_meta(c)) {
303 if(!c->status.control) {
304 c->status.tarpit = true;
307 terminate_connection(c, c->edge);
313 static void sigterm_handler(void *data) {
314 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
318 static void sighup_handler(void *data) {
319 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
322 if(reload_configuration()) {
327 static void sigalrm_handler(void *data) {
328 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
333 int reload_configuration(void) {
334 char fname[PATH_MAX];
336 /* Reread our own configuration file */
338 exit_configuration(&config_tree);
339 init_configuration(&config_tree);
341 if(!read_server_config(config_tree)) {
342 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file.");
346 read_config_options(config_tree, NULL);
348 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, myself->name);
349 read_config_file(config_tree, fname, true);
351 /* Parse some options that are allowed to be changed while tinc is running */
353 setup_myself_reloadable();
355 /* If StrictSubnet is set, expire deleted Subnets and read new ones in */
358 for splay_each(subnet_t, subnet, subnet_tree)
364 for splay_each(node_t, n, node_tree) {
365 n->status.has_address = false;
371 for splay_each(subnet_t, subnet, subnet_tree) {
376 if(subnet->expires == 1) {
377 send_del_subnet(everyone, subnet);
379 if(subnet->owner->status.reachable) {
380 subnet_update(subnet->owner, subnet, false);
383 subnet_del(subnet->owner, subnet);
384 } else if(subnet->expires == -1) {
387 send_add_subnet(everyone, subnet);
389 if(subnet->owner->status.reachable) {
390 subnet_update(subnet->owner, subnet, true);
394 } else { /* Only read our own subnets back in */
395 for splay_each(subnet_t, subnet, myself->subnet_tree)
396 if(!subnet->expires) {
400 config_t *cfg = lookup_config(config_tree, "Subnet");
403 subnet_t *subnet, *s2;
405 if(get_config_subnet(cfg, &subnet)) {
406 if((s2 = lookup_subnet(myself, subnet))) {
407 if(s2->expires == 1) {
413 subnet_add(myself, subnet);
414 send_add_subnet(everyone, subnet);
415 subnet_update(myself, subnet, true);
419 cfg = lookup_config_next(config_tree, cfg);
422 for splay_each(subnet_t, subnet, myself->subnet_tree) {
423 if(subnet->expires == 1) {
424 send_del_subnet(everyone, subnet);
425 subnet_update(myself, subnet, false);
426 subnet_del(myself, subnet);
431 /* Try to make outgoing connections */
433 try_outgoing_connections();
435 /* Close connections to hosts that have a changed or deleted host config file */
437 for list_each(connection_t, c, &connection_list) {
438 if(c->status.control) {
442 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
445 if(stat(fname, &s) || s.st_mtime > last_config_check) {
446 logger(DEBUG_CONNECTIONS, LOG_INFO, "Host config file of %s has been changed", c->name);
447 terminate_connection(c, c->edge);
451 last_config_check = now.tv_sec;
457 /* Reset the reconnection timers for all outgoing connections */
458 for list_each(outgoing_t, outgoing, &outgoing_list) {
459 outgoing->timeout = 0;
462 timeout_set(&outgoing->ev, &(struct timeval) {
467 /* Check for outgoing connections that are in progress, and reset their ping timers */
468 for list_each(connection_t, c, &connection_list) {
469 if(c->outgoing && !c->node) {
470 c->last_ping_time = 0;
474 /* Kick the ping timeout handler */
475 timeout_set(&pingtimer, &(struct timeval) {
481 this is where it all happens...
483 int main_loop(void) {
484 last_periodic_run_time = now;
485 timeout_add(&pingtimer, timeout_handler, &pingtimer, &(struct timeval) {
486 pingtimeout, rand() % 100000
488 timeout_add(&periodictimer, periodic_handler, &periodictimer, &(struct timeval) {
493 signal_t sighup = {0};
494 signal_t sigterm = {0};
495 signal_t sigquit = {0};
496 signal_t sigint = {0};
497 signal_t sigalrm = {0};
499 signal_add(&sighup, sighup_handler, &sighup, SIGHUP);
500 signal_add(&sigterm, sigterm_handler, &sigterm, SIGTERM);
501 signal_add(&sigquit, sigterm_handler, &sigquit, SIGQUIT);
502 signal_add(&sigint, sigterm_handler, &sigint, SIGINT);
503 signal_add(&sigalrm, sigalrm_handler, &sigalrm, SIGALRM);
507 logger(DEBUG_ALWAYS, LOG_ERR, "Error while waiting for input: %s", sockstrerror(sockerrno));
513 signal_del(&sigterm);
514 signal_del(&sigquit);
516 signal_del(&sigalrm);
519 timeout_del(&periodictimer);
520 timeout_del(&pingtimer);
projects / tinc / blob