X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_packet.c;h=a989b09f20733aaf7244bea77073109ddb49469c;hp=79d3b18ab095e519c4e89d1be4431165b523c5b6;hb=288d956728ab4d4aabe9bc59b87991420dbda151;hpb=1401faf608e1c8af0d0754e545b0ec79d2bd5d93 diff --git a/src/net_packet.c b/src/net_packet.c index 79d3b18a..a989b09f 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -1,7 +1,7 @@ /* net_packet.c -- Handles in- and outgoing VPN packets - Copyright (C) 1998-2002 Ivo Timmermans , - 2000-2002 Guus Sliepen + Copyright (C) 1998-2003 Ivo Timmermans , + 2000-2003 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,37 +17,10 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_packet.c,v 1.1.2.32 2003/07/06 23:16:28 guus Exp $ + $Id: net_packet.c,v 1.1.2.41 2003/09/23 20:59:01 guus Exp $ */ -#include "config.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -/* SunOS really wants sys/socket.h BEFORE net/if.h, - and FreeBSD wants these lines below the rest. */ -#include -#include -#include -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif -#ifdef HAVE_NETINET_TCP_H -#include -#endif +#include "system.h" #include #include 
@@ -57,27 +30,21 @@ #include #include -#include -#include -#include -#include - +#include "avl_tree.h" #include "conf.h" #include "connection.h" -#include "meta.h" +#include "device.h" +#include "event.h" +#include "graph.h" +#include "list.h" +#include "logger.h" #include "net.h" #include "netutl.h" -#include "process.h" #include "protocol.h" -#include "subnet.h" -#include "graph.h" #include "process.h" #include "route.h" -#include "device.h" -#include "event.h" -#include "logger.h" - -#include "system.h" +#include "utils.h" +#include "xalloc.h" int keylifetime = 0; int keyexpires = 0; @@ -133,7 +100,7 @@ static void receive_packet(node_t *n, vpn_packet_t *packet) { cp(); - logger(DEBUG_TRAFFIC, LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), + ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Received packet of %d bytes from %s (%s)"), packet->len, n->name, n->hostname); route_incoming(n, packet); @@ -151,6 +118,14 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) cp(); + /* Check packet length */ + + if(inpkt->len < sizeof(inpkt->seqno) + myself->maclength) { + ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got too short packet from %s (%s)"), + n->name, n->hostname); + return; + } + /* Check the message authentication code */ if(myself->digest && myself->maclength) { @@ -159,7 +134,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) (char *) &inpkt->seqno, inpkt->len, hmac, NULL); if(memcmp(hmac, (char *) &inpkt->seqno + inpkt->len, myself->maclength)) { - logger(DEBUG_TRAFFIC, LOG_DEBUG, _("Got unauthenticated packet from %s (%s)"), + ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got unauthenticated packet from %s (%s)"), n->name, n->hostname); return; } 
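Review bot: The added length check in receive_udppacket compares `inpkt->len` with a `size_t` expression, so if `len` is a signed type (the `pkt.len < 0` test in handle_incoming_vpn_data suggests it is), a negative value would convert to a large unsigned number and pass the check. The one caller visible on this page filters negative lengths first, but the guard is self-contained as `if(inpkt->len < 0 || (size_t) inpkt->len < sizeof(inpkt->seqno) + myself->maclength) {`. A one-line comment would also help, saying that the bound keeps the later MAC offset `&inpkt->seqno + inpkt->len` inside the received data. The rest of receive_udppacket lies outside this hunk.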
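Review bot: The MAC check on the unchanged context line `if(memcmp(hmac, (char *) &inpkt->seqno + inpkt->len, myself->maclength))` uses memcmp, which is not guaranteed to run in constant time. This commit only changes the log call beneath it. Because memcmp may stop at the first differing byte, the time taken to reject a forged packet can depend on how many leading MAC bytes were correct. A comparison that ORs together `hmac[i] ^ received[i]` over all `myself->maclength` bytes and tests the accumulated value once would remove that signal. The enclosing function starts and ends outside this hunk.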
@@ -188,13 +163,13 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) if(inpkt->seqno != n->received_seqno + 1) { if(inpkt->seqno >= n->received_seqno + sizeof(n->late) * 8) { - logger(DEBUG_ALWAYS, LOG_WARNING, _("Lost %d packets from %s (%s)"), + logger(LOG_WARNING, _("Lost %d packets from %s (%s)"), inpkt->seqno - n->received_seqno - 1, n->name, n->hostname); memset(n->late, 0, sizeof(n->late)); } else if (inpkt->seqno <= n->received_seqno) { if(inpkt->seqno <= n->received_seqno - sizeof(n->late) * 8 || !(n->late[(inpkt->seqno / 8) % sizeof(n->late)] & (1 << inpkt->seqno % 8))) { - logger(DEBUG_ALWAYS, LOG_WARNING, _("Got late or replayed packet from %s (%s), seqno %d, last received %d"), + logger(LOG_WARNING, _("Got late or replayed packet from %s (%s), seqno %d, last received %d"), n->name, n->hostname, inpkt->seqno, n->received_seqno); } else for(i = n->received_seqno + 1; i < inpkt->seqno; i++) @@ -214,7 +189,7 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) outpkt = pkt[nextpkt++]; if((outpkt->len = uncompress_packet(outpkt->data, inpkt->data, inpkt->len, myself->compression)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, _("Error while uncompressing packet from %s (%s)"), + logger(LOG_ERR, _("Error while uncompressing packet from %s (%s)"), n->name, n->hostname); return; } @@ -222,6 +197,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) inpkt = outpkt; } + if(n->connection) + n->connection->last_ping_time = now; + receive_packet(n, inpkt); } @@ -255,7 +233,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt) /* Make sure we have a valid key */ if(!n->status.validkey) { - logger(DEBUG_TRAFFIC, LOG_INFO, + ifdebug(TRAFFIC) logger(LOG_INFO, _("No valid key known yet for %s (%s), queueing packet"), n->name, n->hostname); 
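Review bot: In the `else if (inpkt->seqno <= n->received_seqno)` branch a late or replayed packet is only logged, because no `return` is visible after the `Got late or replayed packet` warning. Unless code past the end of this hunk drops it, the packet continues to decompression, to the `last_ping_time` update added later in this commit, and to `receive_packet`. The trailing `else for(i = n->received_seqno + 1; i < inpkt->seqno; i++)` binds to the inner `if`, where `inpkt->seqno <= n->received_seqno` already holds, so the loop body does not run (wrap-around aside) and no late bits are recorded. It looks as if the loop was meant to pair with the outer condition, for a sequence number ahead of the expected one. Suggest adding `return;` after the warning and moving the loop into an `else` of the outer `else if`.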
@@ -272,7 +250,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt) if(!n->status.waitingforkey) send_req_key(n->nexthop->connection, myself, n); - n->status.waitingforkey = 1; + n->status.waitingforkey = true; return; } @@ -286,7 +264,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt) outpkt = pkt[nextpkt++]; if((outpkt->len = compress_packet(outpkt->data, inpkt->data, inpkt->len, n->compression)) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, _("Error while compressing packet to %s (%s)"), + logger(LOG_ERR, _("Error while compressing packet to %s (%s)"), n->name, n->hostname); return; } @@ -337,16 +315,14 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt) if(priorityinheritance && origpriority != priority && listen_socket[sock].sa.sa.sa_family == AF_INET) { priority = origpriority; - logger(DEBUG_TRAFFIC, LOG_DEBUG, _("Setting outgoing packet priority to %d"), priority); + ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Setting outgoing packet priority to %d"), priority); if(setsockopt(listen_socket[sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ - logger(DEBUG_ALWAYS, LOG_ERR, _("System call `%s' failed: %s"), "setsockopt", - strerror(errno)); + logger(LOG_ERR, _("System call `%s' failed: %s"), "setsockopt", strerror(errno)); } #endif if((sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, &(n->address.sa), SALEN(n->address.sa))) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, _("Error sending packet to %s (%s): %s"), n->name, - n->hostname, strerror(errno)); + logger(LOG_ERR, _("Error sending packet to %s (%s): %s"), n->name, n->hostname, strerror(errno)); return; } 
@@ -356,22 +332,22 @@ static void send_udppacket(node_t *n, vpn_packet_t *inpkt) /* send a packet to the given vpn ip. */ -void send_packet(node_t *n, vpn_packet_t *packet) +void send_packet(const node_t *n, vpn_packet_t *packet) { node_t *via; cp(); - logger(DEBUG_TRAFFIC, LOG_ERR, _("Sending packet of %d bytes to %s (%s)"), + ifdebug(TRAFFIC) logger(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"), packet->len, n->name, n->hostname); if(n == myself) { - logger(DEBUG_TRAFFIC, LOG_NOTICE, _("Packet is looping back to us!")); + ifdebug(TRAFFIC) logger(LOG_NOTICE, _("Packet is looping back to us!")); return; } if(!n->status.reachable) { - logger(DEBUG_TRAFFIC, LOG_INFO, _("Node %s (%s) is not reachable"), + ifdebug(TRAFFIC) logger(LOG_INFO, _("Node %s (%s) is not reachable"), n->name, n->hostname); return; } 
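Review bot: The traffic trace `Sending packet of %d bytes to %s (%s)` in send_packet is still logged at `LOG_ERR`, while the matching receive-side message uses `LOG_DEBUG`. With traffic debugging enabled, every outgoing packet is recorded as an error, which drowns out real failures for anyone alerting on syslog priority. Suggest `ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Sending packet of %d bytes to %s (%s)"),`. The same applies to `Sending packet to %s via %s (%s)` in the next hunk. send_packet continues past the end of this hunk.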
@@ -379,30 +355,30 @@ void send_packet(node_t *n, vpn_packet_t *packet) via = (n->via == myself) ? n->nexthop : n->via; if(via != n) - logger(DEBUG_TRAFFIC, LOG_ERR, _("Sending packet to %s via %s (%s)"), + ifdebug(TRAFFIC) logger(LOG_ERR, _("Sending packet to %s via %s (%s)"), n->name, via->name, n->via->hostname); if((myself->options | via->options) & OPTION_TCPONLY) { - if(send_tcppacket(via->connection, packet)) - terminate_connection(via->connection, 1); + if(!send_tcppacket(via->connection, packet)) + terminate_connection(via->connection, true); } else send_udppacket(via, packet); } /* Broadcast a packet using the minimum spanning tree */ -void broadcast_packet(node_t *from, vpn_packet_t *packet) +void broadcast_packet(const node_t *from, vpn_packet_t *packet) { avl_node_t *node; connection_t *c; cp(); - logger(DEBUG_TRAFFIC, LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"), + ifdebug(TRAFFIC) logger(LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"), packet->len, from->name, from->hostname); for(node = connection_tree->head; node; node = node->next) { - c = (connection_t *) node->data; + c = node->data; if(c->status.active && c->status.mst && c != from->nexthop->connection) send_packet(c->node, packet); @@ -415,11 +391,11 @@ void flush_queue(node_t *n) cp(); - logger(DEBUG_TRAFFIC, LOG_INFO, _("Flushing queue for %s (%s)"), n->name, n->hostname); + ifdebug(TRAFFIC) logger(LOG_INFO, _("Flushing queue for %s (%s)"), n->name, n->hostname); for(node = n->queue->head; node; node = next) { next = node->next; - send_udppacket(n, (vpn_packet_t *) node->data); + send_udppacket(n, node->data); list_delete_node(n->queue, node); } } @@ -427,7 +403,6 @@ void flush_queue(node_t *n) void handle_incoming_vpn_data(int sock) { vpn_packet_t pkt; - int x, l = sizeof(x); char *hostname; sockaddr_t from; socklen_t fromlen = sizeof(from); 
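Review bot: The `Sending packet to %s via %s (%s)` message prints `via->name` next to `n->via->hostname`, and the two refer to different nodes when `n->via == myself`, because `via` is then `n->nexthop`. In that case the line shows the next hop's name with this node's own hostname, which misleads anyone tracing a route from the logs. Use `via->hostname` so the name and address describe the same node. Separately, `via->connection` is passed to `send_tcppacket` and `terminate_connection` with no NULL check visible in this hunk. It is worth confirming that a TCP-only route always has a connection on `via`.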
@@ -435,22 +410,10 @@ void handle_incoming_vpn_data(int sock) cp(); - if(getsockopt(sock, SOL_SOCKET, SO_ERROR, &x, &l) < 0) { - logger(DEBUG_ALWAYS, LOG_ERR, _("This is a bug: %s:%d: %d:%s"), - __FILE__, __LINE__, sock, strerror(errno)); - cp_trace(); - exit(1); - } - - if(x) { - logger(DEBUG_ALWAYS, LOG_ERR, _("Incoming data socket error: %s"), strerror(x)); - return; - } - pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); - if(pkt.len <= 0) { - logger(DEBUG_ALWAYS, LOG_ERR, _("Receiving packet failed: %s"), strerror(errno)); + if(pkt.len < 0) { + logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno)); return; } @@ -460,14 +423,11 @@ void handle_incoming_vpn_data(int sock) if(!n) { hostname = sockaddr2hostname(&from); - logger(DEBUG_ALWAYS, LOG_WARNING, _("Received UDP packet from unknown source %s"), + logger(LOG_WARNING, _("Received UDP packet from unknown source %s"), hostname); free(hostname); return; } - if(n->connection) - n->connection->last_ping_time = now; - receive_udppacket(n, &pkt); }
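Review bot: The `Received UDP packet from unknown source %s` warning in handle_incoming_vpn_data is emitted unconditionally for every datagram whose source address matches no node, before any authentication has taken place. Any host that can reach the UDP port can therefore drive log volume, along with one `sockaddr2hostname` call and allocation per packet. Consider gating it like the other per-packet messages, `ifdebug(TRAFFIC) logger(LOG_WARNING, _("Received UDP packet from unknown source %s"), hostname);`, or rate-limiting it. The start of the function is outside this hunk.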