ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.58 by pcg, Sat Jul 9 02:35:42 2005 UTC vs.
Revision 1.61 by pcg, Sat Nov 10 19:43:37 2007 UTC

90 rsachallenge chg; 90 rsachallenge chg;
91}; 91};
92 92
93struct rsa_cache : list<rsa_entry> 93struct rsa_cache : list<rsa_entry>
94{ 94{
95 void cleaner_cb (time_watcher &w); time_watcher cleaner; 95 void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner;
96 96
97 bool find (const rsaid &id, rsachallenge &chg) 97 bool find (const rsaid &id, rsachallenge &chg)
98 { 98 {
99 for (iterator i = begin (); i != end (); ++i) 99 for (iterator i = begin (); i != end (); ++i)
100 { 100 {
101 if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) 101 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev::ev_now ())
102 { 102 {
103 memcpy (&chg, &i->chg, sizeof chg); 103 memcpy (&chg, &i->chg, sizeof chg);
104 104
105 erase (i); 105 erase (i);
106 return true; 106 return true;
107 } 107 }
108 } 108 }
109 109
110 if (cleaner.at < NOW) 110 if (!cleaner.is_active ())
111 cleaner.start (NOW + RSA_TTL); 111 cleaner.again ();
112 112
113 return false; 113 return false;
114 } 114 }
115 115
116 void gen (rsaid &id, rsachallenge &chg) 116 void gen (rsaid &id, rsachallenge &chg)
118 rsa_entry e; 118 rsa_entry e;
119 119
120 RAND_bytes ((unsigned char *)&id, sizeof id); 120 RAND_bytes ((unsigned char *)&id, sizeof id);
121 RAND_bytes ((unsigned char *)&chg, sizeof chg); 121 RAND_bytes ((unsigned char *)&chg, sizeof chg);
122 122
123 e.expire = NOW + RSA_TTL; 123 e.expire = ev::ev_now () + RSA_TTL;
124 e.id = id; 124 e.id = id;
125 memcpy (&e.chg, &chg, sizeof chg); 125 memcpy (&e.chg, &chg, sizeof chg);
126 126
127 push_back (e); 127 push_back (e);
128 128
129 if (cleaner.at < NOW) 129 if (!cleaner.is_active ())
130 cleaner.start (NOW + RSA_TTL); 130 cleaner.again ();
131 } 131 }
132 132
133 rsa_cache () 133 rsa_cache ()
134 : cleaner (this, &rsa_cache::cleaner_cb) 134 : cleaner (this, &rsa_cache::cleaner_cb)
135 { } 135 {
136 cleaner.set (RSA_TTL, RSA_TTL);
137 }
136 138
137} rsa_cache; 139} rsa_cache;
138 140
139void rsa_cache::cleaner_cb (time_watcher &w) 141void rsa_cache::cleaner_cb (ev::timer &w, int revents)
140{ 142{
141 if (!empty ()) 143 if (empty ())
144 w.stop ();
145 else
142 { 146 {
143 w.start (NOW + RSA_TTL);
144
145 for (iterator i = begin (); i != end (); ) 147 for (iterator i = begin (); i != end (); )
146 if (i->expire <= NOW) 148 if (i->expire <= ev::ev_now ())
147 i = erase (i); 149 i = erase (i);
148 else 150 else
149 ++i; 151 ++i;
150 } 152 }
151} 153}
218 iterator i; 220 iterator i;
219 221
220 for (i = begin (); i != end (); ) 222 for (i = begin (); i != end (); )
221 if (i->host == host) 223 if (i->host == host)
222 break; 224 break;
223 else if (i->last < NOW - NRL_EXPIRE) 225 else if (i->last < ev::ev_now () - NRL_EXPIRE)
224 i = erase (i); 226 i = erase (i);
225 else 227 else
226 i++; 228 i++;
227 229
228 if (i == end ()) 230 if (i == end ())
230 net_rateinfo ri; 232 net_rateinfo ri;
231 233
232 ri.host = host; 234 ri.host = host;
233 ri.pcnt = 1.; 235 ri.pcnt = 1.;
234 ri.diff = NRL_MAXDIF; 236 ri.diff = NRL_MAXDIF;
235 ri.last = NOW; 237 ri.last = ev::ev_now ();
236 238
237 push_front (ri); 239 push_front (ri);
238 240
239 return true; 241 return true;
240 } 242 }
242 { 244 {
243 net_rateinfo ri (*i); 245 net_rateinfo ri (*i);
244 erase (i); 246 erase (i);
245 247
246 ri.pcnt = ri.pcnt * NRL_ALPHA; 248 ri.pcnt = ri.pcnt * NRL_ALPHA;
247 ri.diff = ri.diff * NRL_ALPHA + (NOW - ri.last); 249 ri.diff = ri.diff * NRL_ALPHA + (ev::ev_now () - ri.last);
248 250
249 ri.last = NOW; 251 ri.last = ev::ev_now ();
250 252
251 double dif = ri.diff / ri.pcnt; 253 double dif = ri.diff / ri.pcnt;
252 254
253 bool send = dif > NRL_CUTOFF; 255 bool send = dif > NRL_CUTOFF;
254 256
463#if ENABLE_COMPRESSION 465#if ENABLE_COMPRESSION
464 f |= FEATURE_COMPRESSION; 466 f |= FEATURE_COMPRESSION;
465#endif 467#endif
466#if ENABLE_ROHC 468#if ENABLE_ROHC
467 f |= FEATURE_ROHC; 469 f |= FEATURE_ROHC;
470#endif
471#if ENABLE_BRIDGING
472 f |= FEATURE_BRIDGING;
468#endif 473#endif
469 return f; 474 return f;
470 } 475 }
471}; 476};
472 477
579///////////////////////////////////////////////////////////////////////////// 584/////////////////////////////////////////////////////////////////////////////
580 585
581void 586void
582connection::connection_established () 587connection::connection_established ()
583{ 588{
589 slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
590
584 if (ictx && octx) 591 if (ictx && octx)
585 { 592 {
586 connectmode = conf->connectmode; 593 connectmode = conf->connectmode;
587 594
588 // make sure rekeying timeouts are slightly asymmetric 595 // make sure rekeying timeouts are slightly asymmetric
589 rekey.start (NOW + ::conf.rekey 596 ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0);
590 + (conf->id > THISNODE->id ? 10 : 0)); 597 rekey.start (rekey_interval, rekey_interval);
591 keepalive.start (NOW + ::conf.keepalive); 598 keepalive.start (::conf.keepalive);
592 599
593 // send queued packets 600 // send queued packets
594 if (ictx && octx) 601 if (ictx && octx)
595 { 602 {
596 while (tap_packet *p = (tap_packet *)data_queue.get ()) 603 while (tap_packet *p = (tap_packet *)data_queue.get ())
607 } 614 }
608 } 615 }
609 else 616 else
610 { 617 {
611 retry_cnt = 0; 618 retry_cnt = 0;
612 establish_connection.start (NOW + 5); 619 establish_connection.start (5);
613 keepalive.stop (); 620 keepalive.stop ();
614 rekey.stop (); 621 rekey.stop ();
615 } 622 }
616} 623}
617 624
622 629
623 // mask out protocols we cannot establish 630 // mask out protocols we cannot establish
624 if (!conf->udp_port) protocol &= ~PROT_UDPv4; 631 if (!conf->udp_port) protocol &= ~PROT_UDPv4;
625 if (!conf->tcp_port) protocol &= ~PROT_TCPv4; 632 if (!conf->tcp_port) protocol &= ~PROT_TCPv4;
626 if (!conf->dns_port) protocol &= ~PROT_DNSv4; 633 if (!conf->dns_port) protocol &= ~PROT_DNSv4;
634
635 if (protocol
636 && (!conf->can_direct (THISNODE)
637 || !THISNODE->can_direct (conf)))
638 {
639 slog (L_DEBUG, _("%s: direct connection denied"), conf->nodename);
640 protocol = 0;
641 }
627 642
628 si.set (conf, protocol); 643 si.set (conf, protocol);
629} 644}
630 645
631// ensure sockinfo is valid, forward if necessary 646// ensure sockinfo is valid, forward if necessary
729 744
730 delete r; 745 delete r;
731} 746}
732 747
733void 748void
734connection::establish_connection_cb (time_watcher &w) 749connection::establish_connection_cb (ev::timer &w, int revents)
735{ 750{
736 if (!ictx 751 if (!ictx
737 && conf != THISNODE 752 && conf != THISNODE
738 && connectmode != conf_node::C_NEVER 753 && connectmode != conf_node::C_NEVER
739 && connectmode != conf_node::C_DISABLED 754 && connectmode != conf_node::C_DISABLED
740 && NOW > w.at) 755 && !w.is_active ())
741 { 756 {
742 w.at = TSTAMP_MAX; // first disable this watcher in case of recursion 757 ev::tstamp retry_int = ev::tstamp (retry_cnt & 3
743
744 double retry_int = double (retry_cnt & 3
745 ? (retry_cnt & 3) + 1 758 ? (retry_cnt & 3) + 1
746 : 1 << (retry_cnt >> 2)); 759 : 1 << (retry_cnt >> 2));
747 760
748 reset_si (); 761 reset_si ();
749 762
750 bool slow = si.prot & PROT_SLOW; 763 bool slow = si.prot & PROT_SLOW;
751 764
752 if (si.prot && !si.host) 765 if (si.prot && !si.host)
766 {
767 slog (L_TRACE, _("%s: connection request (indirect)"), conf->nodename);
768 /*TODO*/ /* start the timer so we don't recurse endlessly */
769 w.start (1);
753 vpn->send_connect_request (conf->id); 770 vpn->send_connect_request (conf->id);
771 }
754 else 772 else
755 { 773 {
774 slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx);
775
756 const sockinfo &dsi = forward_si (si); 776 const sockinfo &dsi = forward_si (si);
757 777
758 slow = slow || (dsi.prot & PROT_SLOW); 778 slow = slow || (dsi.prot & PROT_SLOW);
759 779
760 if (dsi.valid () && auth_rate_limiter.can (dsi)) 780 if (dsi.valid () && auth_rate_limiter.can (dsi))
771 if (retry_int < conf->max_retry) 791 if (retry_int < conf->max_retry)
772 retry_cnt++; 792 retry_cnt++;
773 else 793 else
774 retry_int = conf->max_retry; 794 retry_int = conf->max_retry;
775 795
776 w.start (NOW + retry_int); 796 w.start (retry_int);
777 } 797 }
778} 798}
779 799
780void 800void
781connection::reset_connection () 801connection::reset_connection ()
814 834
815 reset_connection (); 835 reset_connection ();
816} 836}
817 837
818void 838void
819connection::rekey_cb (time_watcher &w) 839connection::rekey_cb (ev::timer &w, int revents)
820{ 840{
821 reset_connection (); 841 reset_connection ();
822 establish_connection (); 842 establish_connection ();
823} 843}
824 844
868} 888}
869 889
870void 890void
871connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 891connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
872{ 892{
873 last_activity = NOW; 893 last_activity = ev::ev_now ();
874 894
875 slog (L_NOISE, "<<%d received packet type %d from %d to %d", 895 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
876 conf->id, pkt->typ (), pkt->src (), pkt->dst ()); 896 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
897
898 if (connectmode == conf_node::C_DISABLED)
899 return;
877 900
878 switch (pkt->typ ()) 901 switch (pkt->typ ())
879 { 902 {
880 case vpn_packet::PT_PING: 903 case vpn_packet::PT_PING:
881 // we send pings instead of auth packets after some retries, 904 // we send pings instead of auth packets after some retries,
1143 send_reset (rsi); 1166 send_reset (rsi);
1144 break; 1167 break;
1145 } 1168 }
1146} 1169}
1147 1170
1148void connection::keepalive_cb (time_watcher &w) 1171void connection::keepalive_cb (ev::timer &w, int revents)
1149{ 1172{
1150 if (NOW >= last_activity + ::conf.keepalive + 30) 1173 if (ev::ev_now () >= last_activity + ::conf.keepalive + 30)
1151 { 1174 {
1152 reset_connection (); 1175 reset_connection ();
1153 establish_connection (); 1176 establish_connection ();
1154 } 1177 }
1155 else if (NOW < last_activity + ::conf.keepalive) 1178 else if (ev::ev_now () < last_activity + ::conf.keepalive)
1156 w.start (last_activity + ::conf.keepalive); 1179 w.start (last_activity + ::conf.keepalive - ev::now ());
1157 else if (conf->connectmode != conf_node::C_ONDEMAND 1180 else if (conf->connectmode != conf_node::C_ONDEMAND
1158 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1181 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1159 { 1182 {
1160 send_ping (si); 1183 send_ping (si);
1161 w.start (NOW + 5); 1184 w.start (5);
1162 } 1185 }
1163 else if (NOW < last_activity + ::conf.keepalive + 10) 1186 else if (ev::ev_now () < last_activity + ::conf.keepalive + 10)
1164 // hold ondemand connections implicitly a few seconds longer 1187 // hold ondemand connections implicitly a few seconds longer
1165 // should delete octx, though, or something like that ;) 1188 // should delete octx, though, or something like that ;)
1166 w.start (last_activity + ::conf.keepalive + 10); 1189 w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1167 else 1190 else
1168 reset_connection (); 1191 reset_connection ();
1169} 1192}
1170 1193
1171void connection::send_connect_request (int id) 1194void connection::send_connect_request (int id)
1202 1225
1203const char *connection::script_node_up () 1226const char *connection::script_node_up ()
1204{ 1227{
1205 script_init_connect_env (); 1228 script_init_connect_env ();
1206 1229
1207 putenv ("STATE=up"); 1230 putenv ((char *)"STATE=up");
1208 1231
1209 char *filename; 1232 char *filename;
1210 asprintf (&filename, 1233 asprintf (&filename,
1211 "%s/%s", 1234 "%s/%s",
1212 confbase, 1235 confbase,
1217 1240
1218const char *connection::script_node_down () 1241const char *connection::script_node_down ()
1219{ 1242{
1220 script_init_connect_env (); 1243 script_init_connect_env ();
1221 1244
1222 putenv ("STATE=down"); 1245 putenv ((char *)"STATE=down");
1223 1246
1224 char *filename; 1247 char *filename;
1225 asprintf (&filename, 1248 asprintf (&filename,
1226 "%s/%s", 1249 "%s/%s",
1227 confbase, 1250 confbase,

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines