--- gvpe/src/connection.C 2005/03/04 08:15:04 1.44 +++ gvpe/src/connection.C 2005/03/18 01:53:05 1.50 @@ -30,8 +30,6 @@ #include #include -#include "gettext.h" - #include "conf.h" #include "slog.h" #include "device.h" @@ -480,7 +478,7 @@ prot_minor = PROTOCOL_MINOR; randsize = RAND_SIZE; hmaclen = HMACLENGTH; - flags = ENABLE_COMPRESSION ? 0x81 : 0x80; + flags = 0; challengelen = sizeof (rsachallenge); features = get_features (); @@ -500,10 +498,6 @@ slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE); else if (hmaclen != HMACLENGTH) slog (L_WARN, _("hmac length mismatch (remote %d <=> local %d)"), hmaclen, HMACLENGTH); -#if 0 // this implementation should handle all flag settings - else if (flags != curflags ()) - slog (L_WARN, _("flag mismatch (remote %x <=> local %x)"), flags, curflags ()); -#endif else if (challengelen != sizeof (rsachallenge)) slog (L_WARN, _("challenge length mismatch (remote %d <=> local %d)"), challengelen, sizeof (rsachallenge)); else if (cipher_nid != htonl (EVP_CIPHER_nid (CIPHER))) @@ -646,8 +640,8 @@ if (r) { - slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"), - conf->nodename, r->conf->nodename); + slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s (%s)"), + conf->nodename, r->conf->nodename, (const char *)r->si); return r->si; } else @@ -661,33 +655,7 @@ void connection::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos) { - bool ok; - - switch (si.prot) - { - case PROT_IPv4: - ok = vpn->send_ipv4_packet (pkt, si, tos); break; - case PROT_UDPv4: - ok = vpn->send_udpv4_packet (pkt, si, tos); break; -#if ENABLE_TCP - case PROT_TCPv4: - ok = vpn->send_tcpv4_packet (pkt, si, tos); break; -#endif -#if ENABLE_ICMP - case PROT_ICMPv4: - ok = vpn->send_icmpv4_packet (pkt, si, tos); break; -#endif -#if ENABLE_DNS - case PROT_DNSv4: - ok = send_dnsv4_packet (pkt, si, tos); break; -#endif - - default: - slog (L_CRIT, _("%s: FATAL: trying to send packet with unsupported protocol"), (const char *)si); - ok = false; - } - - if (!ok) + if (!vpn->send_vpn_packet (pkt, si, tos)) reset_connection (); } @@ -773,23 +741,24 @@ && connectmode != conf_node::C_DISABLED && NOW > w.at) { - double retry_int = double (retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2)) * 0.6; - - if (retry_int < conf->max_retry) - retry_cnt++; - else - retry_int = conf->max_retry; + w.at = TSTAMP_MAX; // first disable this watcher in case of recursion - w.start (NOW + retry_int); + double retry_int = double (retry_cnt & 3 + ? (retry_cnt & 3) + 1 + : 1 << (retry_cnt >> 2)); reset_si (); + bool slow = si.prot & PROT_SLOW; + if (si.prot && !si.host) vpn->send_connect_request (conf->id); else { const sockinfo &dsi = forward_si (si); + slow = slow || (dsi.prot & PROT_SLOW); + if (dsi.valid () && auth_rate_limiter.can (dsi)) { if (retry_cnt < 4) @@ -798,6 +767,15 @@ send_ping (dsi, 0); } } + + retry_int *= slow ? 8. : 0.7; + + if (retry_int < conf->max_retry) + retry_cnt++; + else + retry_int = conf->max_retry; + + w.start (NOW + retry_int); } } @@ -816,7 +794,7 @@ delete ictx; ictx = 0; delete octx; octx = 0; #if ENABLE_DNS - delete dns; dns = 0; + dnsv4_reset_connection (); #endif si.host = 0; @@ -966,9 +944,6 @@ octx = new crypto_ctx (k, 1); oseqno = ntohl (*(u32 *)&k[CHG_SEQNO]) & 0x7fffffff; - // compatibility code, remove when no longer required - if (p->flags & 1) p->features |= FEATURE_COMPRESSION; - conf->protocols = p->protocols; features = p->features & config_packet::get_features ();