X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_socket.c;h=a4c7f076130e52351a35e73c383078286b44cc23;hp=2d1ecc50e83f40ed5d03590e49a8a7a6e6e13182;hb=4a5c12ec97fa1e82aae2d327fdc648e5203eb478;hpb=0a84f9cb8f52f2d2b4f03a5ad5ef9dfcd3509033

diff --git a/src/net_socket.c b/src/net_socket.c
index 2d1ecc50..a4c7f076 100644
--- a/src/net_socket.c
+++ b/src/net_socket.c
@@ -1,7 +1,7 @@
 /*
     net_socket.c -- Handle various kinds of sockets.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2015 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2009      Florian Forster <octo@verplant.org>
 
@@ -31,6 +31,7 @@
 #include "net.h"
 #include "netutl.h"
 #include "protocol.h"
+#include "proxy.h"
 #include "utils.h"
 #include "xalloc.h"
 
@@ -40,6 +41,7 @@
 #endif
 
 int addressfamily = AF_UNSPEC;
+int mintimeout = 0;
 int maxtimeout = 900;
 int seconds_till_retry = 5;
 int udp_rcvbuf = 0;
@@ -64,7 +66,7 @@ static void configure_tcp(connection_t *c) {
 	unsigned long arg = 1;
 
 	if(ioctlsocket(c->socket, FIONBIO, &arg) != 0) {
-		logger(LOG_ERR, "ioctlsocket for %s: %d", c->hostname, sockstrerror(sockerrno));
+		logger(LOG_ERR, "ioctlsocket for %s: %s", c->hostname, sockstrerror(sockerrno));
 	}
 #endif
 
@@ -77,6 +79,11 @@ static void configure_tcp(connection_t *c) {
 	option = IPTOS_LOWDELAY;
 	setsockopt(c->socket, SOL_IP, IP_TOS, (void *)&option, sizeof(option));
 #endif
+
+#if defined(IPPROTO_IPV6) && defined(IPV6_TCLASS) && defined(IPTOS_LOWDELAY)
+	option = IPTOS_LOWDELAY;
+	setsockopt(c->socket, IPPROTO_IPV6, IPV6_TCLASS, (void *)&option, sizeof(option));
+#endif
 }
 
 static bool bind_to_interface(int sd) {
@@ -87,20 +94,21 @@ static bool bind_to_interface(int sd) {
 	int status;
 #endif /* defined(SOL_SOCKET) && defined(SO_BINDTODEVICE) */
 
-	if(!get_config_string (lookup_config (config_tree, "BindToInterface"), &iface))
+	if(!get_config_string(lookup_config (config_tree, "BindToInterface"), &iface))
 		return true;
 
 #if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
 	memset(&ifr, 0, sizeof(ifr));
 	strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ);
 	ifr.ifr_ifrn.ifrn_name[IFNAMSIZ - 1] = 0;
+	free(iface);
 
 	status = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr));
 	if(status) {
-		logger(LOG_ERR, "Can't bind to interface %s: %s", iface,
-				strerror(errno));
+		logger(LOG_ERR, "Can't bind to interface %s: %s", ifr.ifr_ifrn.ifrn_name, strerror(errno));
 		return false;
 	}
+
 #else /* if !defined(SOL_SOCKET) || !defined(SO_BINDTODEVICE) */
 	logger(LOG_WARNING, "%s not supported on this platform", "BindToInterface");
 #endif
@@ -135,20 +143,21 @@ int setup_listen_socket(const sockaddr_t *sa) {
 		setsockopt(nfd, SOL_IPV6, IPV6_V6ONLY, (void *)&option, sizeof option);
 #endif
 
-	if(get_config_string
-	   (lookup_config(config_tree, "BindToInterface"), &iface)) {
+	if(get_config_string(lookup_config(config_tree, "BindToInterface"), &iface)) {
 #if defined(SOL_SOCKET) && defined(SO_BINDTODEVICE)
 		struct ifreq ifr;
 
 		memset(&ifr, 0, sizeof(ifr));
 		strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ);
+		ifr.ifr_ifrn.ifrn_name[IFNAMSIZ - 1] = 0;
+		free(iface);
 
 		if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr))) {
 			closesocket(nfd);
-			logger(LOG_ERR, "Can't bind to interface %s: %s", iface,
-				   strerror(sockerrno));
+			logger(LOG_ERR, "Can't bind to interface %s: %s", ifr.ifr_ifrn.ifrn_name, strerror(sockerrno));
 			return -1;
 		}
+
 #else
 		logger(LOG_WARNING, "%s not supported on this platform", "BindToInterface");
 #endif
@@ -238,8 +247,6 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
 		option = 1;
 		setsockopt(nfd, IPPROTO_IP, IP_DONTFRAGMENT, (void *)&option, sizeof(option));
 	}
-#else
-#warning No way to disable IPv4 fragmentation
 #endif
 
 #if defined(SOL_IPV6) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
@@ -252,8 +259,6 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
 		option = 1;
 		setsockopt(nfd, IPPROTO_IPV6, IPV6_DONTFRAG, (void *)&option, sizeof(option));
 	}
-#else
-#warning No way to disable IPv6 fragmentation
 #endif
 
 	if (!bind_to_interface(nfd)) {
@@ -275,6 +280,9 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {
 void retry_outgoing(outgoing_t *outgoing) {
 	outgoing->timeout += 5;
 
+	if(outgoing->timeout < mintimeout)
+		outgoing->timeout = mintimeout;
+
 	if(outgoing->timeout > maxtimeout)
 		outgoing->timeout = maxtimeout;
 
@@ -294,9 +302,6 @@ void retry_outgoing(outgoing_t *outgoing) {
 void finish_connecting(connection_t *c) {
 	ifdebug(CONNECTIONS) logger(LOG_INFO, "Connected to %s (%s)", c->name, c->hostname);
 
-	if(proxytype != PROXY_EXEC)
-		configure_tcp(c);
-
 	c->last_ping_time = now;
 
 	send_id(c);
@@ -314,7 +319,7 @@ static void do_outgoing_pipe(connection_t *c, char *command) {
 	if(fork()) {
 		c->socket = fd[0];
 		close(fd[1]);
-		logger(LOG_DEBUG, "Using proxy %s", command);
+		ifdebug(CONNECTIONS) logger(LOG_DEBUG, "Using proxy %s", command);
 		return;
 	}
 
@@ -350,8 +355,19 @@ static void do_outgoing_pipe(connection_t *c, char *command) {
 #endif
 }
 
+static bool is_valid_host_port(const char *host, const char *port) {
+	for(const char *p = host; *p; p++)
+		if(!isalnum(*p) && *p != '-' && *p != '.')
+			return false;
+
+	for(const char *p = port; *p; p++)
+		if(!isalnum(*p))
+			return false;
+
+	return true;
+}
+
 void do_outgoing_connection(connection_t *c) {
-	char *address, *port, *space;
 	struct addrinfo *proxyai = NULL;
 	int result;
 
@@ -371,6 +387,8 @@ begin:
 			return;
 		}
 
+		char *address, *port, *space;
+
 		get_config_string(c->outgoing->cfg, &address);
 
 		space = strchr(address, ' ');
@@ -383,11 +401,23 @@ begin:
 		}
 
 		c->outgoing->ai = str2addrinfo(address, port, SOCK_STREAM);
-		free(address);
-		free(port);
+
+		// If we cannot resolve the address, maybe we are using a proxy that can?
+		if(!c->outgoing->ai && proxytype != PROXY_NONE && is_valid_host_port(address, port)) {
+			memset(&c->address, 0, sizeof c->address);
+			c->address.sa.sa_family = AF_UNKNOWN;
+			c->address.unknown.address = address;
+			c->address.unknown.port = port;
+		} else {
+			free(address);
+			free(port);
+		}
 
 		c->outgoing->aip = c->outgoing->ai;
 		c->outgoing->cfg = lookup_config_next(c->config_tree, c->outgoing->cfg);
+
+		if(!c->outgoing->ai && proxytype != PROXY_NONE)
+			goto connect;
 	}
 
 	if(!c->outgoing->aip) {
@@ -400,6 +430,7 @@ begin:
 	memcpy(&c->address, c->outgoing->aip->ai_addr, c->outgoing->aip->ai_addrlen);
 	c->outgoing->aip = c->outgoing->aip->ai_next;
 
+connect:
 	if(c->hostname)
 		free(c->hostname);
 
@@ -410,7 +441,6 @@ begin:
 
 	if(!proxytype) {
 		c->socket = socket(c->address.sa.sa_family, SOCK_STREAM, IPPROTO_TCP);
-		configure_tcp(c);
 	} else if(proxytype == PROXY_EXEC) {
 		do_outgoing_pipe(c, proxyhost);
 	} else {
@@ -426,6 +456,9 @@ begin:
 		goto begin;
 	}
 
+	if(proxytype != PROXY_EXEC)
+		configure_tcp(c);
+
 #ifdef FD_CLOEXEC
 	fcntl(c->socket, F_SETFD, FD_CLOEXEC);
 #endif
@@ -451,8 +484,11 @@ begin:
 		freeaddrinfo(proxyai);
 	}
 
+	now = time(NULL);
+
 	if(result == -1) {
 		if(sockinprogress(sockerrno)) {
+			c->last_ping_time = now;
 			c->status.connecting = true;
 			return;
 		}