From: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue, 18 Dec 2018 16:44:08 +0000 (+0100)
Subject: Prevent large amounts of UDP probes being sent consecutively.
X-Git-Tag: release-1.1pre18~30
X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=017a7fb57655d9b1d706ee78f7e3d0000411b883;hp=25a3945e77927c11cae915b7b46fac7ac789013d

Prevent large amounts of UDP probes being sent consecutively.

We cannot reset udp_ping_sent to zero when we receive a valid reply to
an UDP probe, because that would cause a new one to be sent immediately
in try_udp(). Instead, add a bit to node_status_t to keep track of whether we
have a UDP probe that's waiting for a reply.

Thanks to Ronny Nilsson for spotting the source of the problem.
---

diff --git a/src/net_packet.c b/src/net_packet.c
index 5a856429..31c66d32 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -152,11 +152,12 @@ static void udp_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
 		len = ntohs(len16);
 	}
 
-	if(n->udp_ping_sent.tv_sec != 0) {  // a probe in flight
+	if(n->status.ping_sent) {  // a probe in flight
 		gettimeofday(&now, NULL);
 		struct timeval rtt;
 		timersub(&now, &n->udp_ping_sent, &rtt);
 		n->udp_ping_rtt = rtt.tv_sec * 1000000 + rtt.tv_usec;
+		n->status.ping_sent = false;
 		logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d UDP probe reply %d from %s (%s) rtt=%d.%03d", DATA(packet)[0], len, n->name, n->hostname, n->udp_ping_rtt / 1000, n->udp_ping_rtt % 1000);
 	} else {
 		logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d UDP probe reply %d from %s (%s)", DATA(packet)[0], len, n->name, n->hostname);
@@ -175,8 +176,7 @@ static void udp_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
 		reset_address_cache(n->address_cache, &n->address);
 	}
 
-	// Reset the UDP ping timer. (no probe in flight)
-	n->udp_ping_sent.tv_sec = 0;
+	// Reset the UDP ping timer.
 
 	if(udp_discovery) {
 		timeout_del(&n->udp_ping_timeout);
@@ -1132,6 +1132,7 @@ static void try_udp(node_t *n) {
 	if(ping_tx_elapsed.tv_sec >= interval) {
 		gettimeofday(&now, NULL);
 		n->udp_ping_sent = now; // a probe in flight
+		n->status.ping_sent = true;
 		send_udp_probe_packet(n, MIN_PROBE_SIZE);
 
 		if(localdiscovery && !n->status.udp_confirmed && n->prevedge) {
diff --git a/src/node.h b/src/node.h
index 3daffd4a..1b33789e 100644
--- a/src/node.h
+++ b/src/node.h
@@ -41,7 +41,8 @@ typedef struct node_status_t {
 	unsigned int udppacket: 1;              /* 1 if the most recently received packet was UDP */
 	unsigned int validkey_in: 1;            /* 1 if we have sent a valid key to him */
 	unsigned int has_address: 1;            /* 1 if we know an external address for this node */
-	unsigned int unused: 20;
+	unsigned int ping_sent: 1;              /* 1 if we sent a UDP probe but haven't received the reply yet */
+	unsigned int unused: 19;
 } node_status_t;
 
 typedef struct node_t {