… | |
… | |
90 | rsachallenge chg; |
90 | rsachallenge chg; |
91 | }; |
91 | }; |
92 | |
92 | |
93 | struct rsa_cache : list<rsa_entry> |
93 | struct rsa_cache : list<rsa_entry> |
94 | { |
94 | { |
95 | void cleaner_cb (time_watcher &w); time_watcher cleaner; |
95 | void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner; |
96 | |
96 | |
97 | bool find (const rsaid &id, rsachallenge &chg) |
97 | bool find (const rsaid &id, rsachallenge &chg) |
98 | { |
98 | { |
99 | for (iterator i = begin (); i != end (); ++i) |
99 | for (iterator i = begin (); i != end (); ++i) |
100 | { |
100 | { |
101 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > NOW) |
101 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev::ev_now ()) |
102 | { |
102 | { |
103 | memcpy (&chg, &i->chg, sizeof chg); |
103 | memcpy (&chg, &i->chg, sizeof chg); |
104 | |
104 | |
105 | erase (i); |
105 | erase (i); |
106 | return true; |
106 | return true; |
107 | } |
107 | } |
108 | } |
108 | } |
109 | |
109 | |
110 | if (cleaner.at < NOW) |
110 | if (!cleaner.is_active ()) |
111 | cleaner.start (NOW + RSA_TTL); |
111 | cleaner.again (); |
112 | |
112 | |
113 | return false; |
113 | return false; |
114 | } |
114 | } |
115 | |
115 | |
116 | void gen (rsaid &id, rsachallenge &chg) |
116 | void gen (rsaid &id, rsachallenge &chg) |
… | |
… | |
118 | rsa_entry e; |
118 | rsa_entry e; |
119 | |
119 | |
120 | RAND_bytes ((unsigned char *)&id, sizeof id); |
120 | RAND_bytes ((unsigned char *)&id, sizeof id); |
121 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
121 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
122 | |
122 | |
123 | e.expire = NOW + RSA_TTL; |
123 | e.expire = ev::ev_now () + RSA_TTL; |
124 | e.id = id; |
124 | e.id = id; |
125 | memcpy (&e.chg, &chg, sizeof chg); |
125 | memcpy (&e.chg, &chg, sizeof chg); |
126 | |
126 | |
127 | push_back (e); |
127 | push_back (e); |
128 | |
128 | |
129 | if (cleaner.at < NOW) |
129 | if (!cleaner.is_active ()) |
130 | cleaner.start (NOW + RSA_TTL); |
130 | cleaner.again (); |
131 | } |
131 | } |
132 | |
132 | |
133 | rsa_cache () |
133 | rsa_cache () |
134 | : cleaner (this, &rsa_cache::cleaner_cb) |
134 | : cleaner (this, &rsa_cache::cleaner_cb) |
135 | { } |
135 | { |
|
|
136 | cleaner.set (RSA_TTL, RSA_TTL); |
|
|
137 | } |
136 | |
138 | |
137 | } rsa_cache; |
139 | } rsa_cache; |
138 | |
140 | |
139 | void rsa_cache::cleaner_cb (time_watcher &w) |
141 | void rsa_cache::cleaner_cb (ev::timer &w, int revents) |
140 | { |
142 | { |
141 | if (!empty ()) |
143 | if (empty ()) |
|
|
144 | w.stop (); |
|
|
145 | else |
142 | { |
146 | { |
143 | w.start (NOW + RSA_TTL); |
|
|
144 | |
|
|
145 | for (iterator i = begin (); i != end (); ) |
147 | for (iterator i = begin (); i != end (); ) |
146 | if (i->expire <= NOW) |
148 | if (i->expire <= ev::ev_now ()) |
147 | i = erase (i); |
149 | i = erase (i); |
148 | else |
150 | else |
149 | ++i; |
151 | ++i; |
150 | } |
152 | } |
151 | } |
153 | } |
… | |
… | |
218 | iterator i; |
220 | iterator i; |
219 | |
221 | |
220 | for (i = begin (); i != end (); ) |
222 | for (i = begin (); i != end (); ) |
221 | if (i->host == host) |
223 | if (i->host == host) |
222 | break; |
224 | break; |
223 | else if (i->last < NOW - NRL_EXPIRE) |
225 | else if (i->last < ev::ev_now () - NRL_EXPIRE) |
224 | i = erase (i); |
226 | i = erase (i); |
225 | else |
227 | else |
226 | i++; |
228 | i++; |
227 | |
229 | |
228 | if (i == end ()) |
230 | if (i == end ()) |
… | |
… | |
230 | net_rateinfo ri; |
232 | net_rateinfo ri; |
231 | |
233 | |
232 | ri.host = host; |
234 | ri.host = host; |
233 | ri.pcnt = 1.; |
235 | ri.pcnt = 1.; |
234 | ri.diff = NRL_MAXDIF; |
236 | ri.diff = NRL_MAXDIF; |
235 | ri.last = NOW; |
237 | ri.last = ev::ev_now (); |
236 | |
238 | |
237 | push_front (ri); |
239 | push_front (ri); |
238 | |
240 | |
239 | return true; |
241 | return true; |
240 | } |
242 | } |
… | |
… | |
242 | { |
244 | { |
243 | net_rateinfo ri (*i); |
245 | net_rateinfo ri (*i); |
244 | erase (i); |
246 | erase (i); |
245 | |
247 | |
246 | ri.pcnt = ri.pcnt * NRL_ALPHA; |
248 | ri.pcnt = ri.pcnt * NRL_ALPHA; |
247 | ri.diff = ri.diff * NRL_ALPHA + (NOW - ri.last); |
249 | ri.diff = ri.diff * NRL_ALPHA + (ev::ev_now () - ri.last); |
248 | |
250 | |
249 | ri.last = NOW; |
251 | ri.last = ev::ev_now (); |
250 | |
252 | |
251 | double dif = ri.diff / ri.pcnt; |
253 | double dif = ri.diff / ri.pcnt; |
252 | |
254 | |
253 | bool send = dif > NRL_CUTOFF; |
255 | bool send = dif > NRL_CUTOFF; |
254 | |
256 | |
… | |
… | |
463 | #if ENABLE_COMPRESSION |
465 | #if ENABLE_COMPRESSION |
464 | f |= FEATURE_COMPRESSION; |
466 | f |= FEATURE_COMPRESSION; |
465 | #endif |
467 | #endif |
466 | #if ENABLE_ROHC |
468 | #if ENABLE_ROHC |
467 | f |= FEATURE_ROHC; |
469 | f |= FEATURE_ROHC; |
|
|
470 | #endif |
|
|
471 | #if ENABLE_BRIDGING |
|
|
472 | f |= FEATURE_BRIDGING; |
468 | #endif |
473 | #endif |
469 | return f; |
474 | return f; |
470 | } |
475 | } |
471 | }; |
476 | }; |
472 | |
477 | |
… | |
… | |
584 | if (ictx && octx) |
589 | if (ictx && octx) |
585 | { |
590 | { |
586 | connectmode = conf->connectmode; |
591 | connectmode = conf->connectmode; |
587 | |
592 | |
588 | // make sure rekeying timeouts are slightly asymmetric |
593 | // make sure rekeying timeouts are slightly asymmetric |
589 | rekey.start (NOW + ::conf.rekey |
594 | ev::tstamp rekey_interval = ::conf.rekey + (conf->id > THISNODE->id ? 10 : 0); |
590 | + (conf->id > THISNODE->id ? 10 : 0)); |
595 | rekey.start (rekey_interval, rekey_interval); |
591 | keepalive.start (NOW + ::conf.keepalive); |
596 | keepalive.start (::conf.keepalive); |
592 | |
597 | |
593 | // send queued packets |
598 | // send queued packets |
594 | if (ictx && octx) |
599 | if (ictx && octx) |
595 | { |
600 | { |
596 | while (tap_packet *p = (tap_packet *)data_queue.get ()) |
601 | while (tap_packet *p = (tap_packet *)data_queue.get ()) |
… | |
… | |
607 | } |
612 | } |
608 | } |
613 | } |
609 | else |
614 | else |
610 | { |
615 | { |
611 | retry_cnt = 0; |
616 | retry_cnt = 0; |
612 | establish_connection.start (NOW + 5); |
617 | establish_connection.start (5); |
613 | keepalive.stop (); |
618 | keepalive.stop (); |
614 | rekey.stop (); |
619 | rekey.stop (); |
615 | } |
620 | } |
616 | } |
621 | } |
617 | |
622 | |
… | |
… | |
622 | |
627 | |
623 | // mask out protocols we cannot establish |
628 | // mask out protocols we cannot establish |
624 | if (!conf->udp_port) protocol &= ~PROT_UDPv4; |
629 | if (!conf->udp_port) protocol &= ~PROT_UDPv4; |
625 | if (!conf->tcp_port) protocol &= ~PROT_TCPv4; |
630 | if (!conf->tcp_port) protocol &= ~PROT_TCPv4; |
626 | if (!conf->dns_port) protocol &= ~PROT_DNSv4; |
631 | if (!conf->dns_port) protocol &= ~PROT_DNSv4; |
|
|
632 | |
|
|
633 | if (protocol |
|
|
634 | && (!conf->can_direct (THISNODE) |
|
|
635 | || !THISNODE->can_direct (conf))) |
|
|
636 | { |
|
|
637 | slog (L_DEBUG, _("%s: direct connection denied"), conf->nodename); |
|
|
638 | protocol = 0; |
|
|
639 | } |
627 | |
640 | |
628 | si.set (conf, protocol); |
641 | si.set (conf, protocol); |
629 | } |
642 | } |
630 | |
643 | |
631 | // ensure sockinfo is valid, forward if necessary |
644 | // ensure sockinfo is valid, forward if necessary |
… | |
… | |
729 | |
742 | |
730 | delete r; |
743 | delete r; |
731 | } |
744 | } |
732 | |
745 | |
733 | void |
746 | void |
734 | connection::establish_connection_cb (time_watcher &w) |
747 | connection::establish_connection_cb (ev::timer &w, int revents) |
735 | { |
748 | { |
736 | if (!ictx |
749 | if (!ictx |
737 | && conf != THISNODE |
750 | && conf != THISNODE |
738 | && connectmode != conf_node::C_NEVER |
751 | && connectmode != conf_node::C_NEVER |
739 | && connectmode != conf_node::C_DISABLED |
752 | && connectmode != conf_node::C_DISABLED |
740 | && NOW > w.at) |
753 | && !w.is_active ()) |
741 | { |
754 | { |
742 | w.at = TSTAMP_MAX; // first disable this watcher in case of recursion |
755 | ev::tstamp retry_int = ev::tstamp (retry_cnt & 3 |
743 | |
|
|
744 | double retry_int = double (retry_cnt & 3 |
|
|
745 | ? (retry_cnt & 3) + 1 |
756 | ? (retry_cnt & 3) + 1 |
746 | : 1 << (retry_cnt >> 2)); |
757 | : 1 << (retry_cnt >> 2)); |
747 | |
758 | |
748 | reset_si (); |
759 | reset_si (); |
749 | |
760 | |
750 | bool slow = si.prot & PROT_SLOW; |
761 | bool slow = si.prot & PROT_SLOW; |
751 | |
762 | |
752 | if (si.prot && !si.host) |
763 | if (si.prot && !si.host) |
|
|
764 | { |
|
|
765 | /*TODO*/ /* start the timer so we don't recurse endlessly */ |
|
|
766 | w.start (1); |
753 | vpn->send_connect_request (conf->id); |
767 | vpn->send_connect_request (conf->id); |
|
|
768 | } |
754 | else |
769 | else |
755 | { |
770 | { |
756 | const sockinfo &dsi = forward_si (si); |
771 | const sockinfo &dsi = forward_si (si); |
757 | |
772 | |
758 | slow = slow || (dsi.prot & PROT_SLOW); |
773 | slow = slow || (dsi.prot & PROT_SLOW); |
… | |
… | |
771 | if (retry_int < conf->max_retry) |
786 | if (retry_int < conf->max_retry) |
772 | retry_cnt++; |
787 | retry_cnt++; |
773 | else |
788 | else |
774 | retry_int = conf->max_retry; |
789 | retry_int = conf->max_retry; |
775 | |
790 | |
776 | w.start (NOW + retry_int); |
791 | w.start (retry_int); |
777 | } |
792 | } |
778 | } |
793 | } |
779 | |
794 | |
780 | void |
795 | void |
781 | connection::reset_connection () |
796 | connection::reset_connection () |
… | |
… | |
814 | |
829 | |
815 | reset_connection (); |
830 | reset_connection (); |
816 | } |
831 | } |
817 | |
832 | |
818 | void |
833 | void |
819 | connection::rekey_cb (time_watcher &w) |
834 | connection::rekey_cb (ev::timer &w, int revents) |
820 | { |
835 | { |
821 | reset_connection (); |
836 | reset_connection (); |
822 | establish_connection (); |
837 | establish_connection (); |
823 | } |
838 | } |
824 | |
839 | |
… | |
… | |
868 | } |
883 | } |
869 | |
884 | |
870 | void |
885 | void |
871 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
886 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
872 | { |
887 | { |
873 | last_activity = NOW; |
888 | last_activity = ev::ev_now (); |
874 | |
889 | |
875 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
890 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
876 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
891 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
877 | |
892 | |
878 | switch (pkt->typ ()) |
893 | switch (pkt->typ ()) |
… | |
… | |
1143 | send_reset (rsi); |
1158 | send_reset (rsi); |
1144 | break; |
1159 | break; |
1145 | } |
1160 | } |
1146 | } |
1161 | } |
1147 | |
1162 | |
1148 | void connection::keepalive_cb (time_watcher &w) |
1163 | void connection::keepalive_cb (ev::timer &w, int revents) |
1149 | { |
1164 | { |
1150 | if (NOW >= last_activity + ::conf.keepalive + 30) |
1165 | if (ev::ev_now () >= last_activity + ::conf.keepalive + 30) |
1151 | { |
1166 | { |
1152 | reset_connection (); |
1167 | reset_connection (); |
1153 | establish_connection (); |
1168 | establish_connection (); |
1154 | } |
1169 | } |
1155 | else if (NOW < last_activity + ::conf.keepalive) |
1170 | else if (ev::ev_now () < last_activity + ::conf.keepalive) |
1156 | w.start (last_activity + ::conf.keepalive); |
1171 | w.start (last_activity + ::conf.keepalive - ev::now ()); |
1157 | else if (conf->connectmode != conf_node::C_ONDEMAND |
1172 | else if (conf->connectmode != conf_node::C_ONDEMAND |
1158 | || THISNODE->connectmode != conf_node::C_ONDEMAND) |
1173 | || THISNODE->connectmode != conf_node::C_ONDEMAND) |
1159 | { |
1174 | { |
1160 | send_ping (si); |
1175 | send_ping (si); |
1161 | w.start (NOW + 5); |
1176 | w.start (5); |
1162 | } |
1177 | } |
1163 | else if (NOW < last_activity + ::conf.keepalive + 10) |
1178 | else if (ev::ev_now () < last_activity + ::conf.keepalive + 10) |
1164 | // hold ondemand connections implicitly a few seconds longer |
1179 | // hold ondemand connections implicitly a few seconds longer |
1165 | // should delete octx, though, or something like that ;) |
1180 | // should delete octx, though, or something like that ;) |
1166 | w.start (last_activity + ::conf.keepalive + 10); |
1181 | w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); |
1167 | else |
1182 | else |
1168 | reset_connection (); |
1183 | reset_connection (); |
1169 | } |
1184 | } |
1170 | |
1185 | |
1171 | void connection::send_connect_request (int id) |
1186 | void connection::send_connect_request (int id) |
… | |
… | |
1202 | |
1217 | |
1203 | const char *connection::script_node_up () |
1218 | const char *connection::script_node_up () |
1204 | { |
1219 | { |
1205 | script_init_connect_env (); |
1220 | script_init_connect_env (); |
1206 | |
1221 | |
1207 | putenv ("STATE=up"); |
1222 | putenv ((char *)"STATE=up"); |
1208 | |
1223 | |
1209 | char *filename; |
1224 | char *filename; |
1210 | asprintf (&filename, |
1225 | asprintf (&filename, |
1211 | "%s/%s", |
1226 | "%s/%s", |
1212 | confbase, |
1227 | confbase, |
… | |
… | |
1217 | |
1232 | |
1218 | const char *connection::script_node_down () |
1233 | const char *connection::script_node_down () |
1219 | { |
1234 | { |
1220 | script_init_connect_env (); |
1235 | script_init_connect_env (); |
1221 | |
1236 | |
1222 | putenv ("STATE=down"); |
1237 | putenv ((char *)"STATE=down"); |
1223 | |
1238 | |
1224 | char *filename; |
1239 | char *filename; |
1225 | asprintf (&filename, |
1240 | asprintf (&filename, |
1226 | "%s/%s", |
1241 | "%s/%s", |
1227 | confbase, |
1242 | confbase, |