| … | |
… | |
| 584 | ///////////////////////////////////////////////////////////////////////////// |
584 | ///////////////////////////////////////////////////////////////////////////// |
| 585 | |
585 | |
| 586 | void |
586 | void |
| 587 | connection::connection_established () |
587 | connection::connection_established () |
| 588 | { |
588 | { |
|
|
589 | slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx); |
|
|
590 | |
| 589 | if (ictx && octx) |
591 | if (ictx && octx) |
| 590 | { |
592 | { |
| 591 | connectmode = conf->connectmode; |
593 | connectmode = conf->connectmode; |
| 592 | |
594 | |
| 593 | // make sure rekeying timeouts are slightly asymmetric |
595 | // make sure rekeying timeouts are slightly asymmetric |
| … | |
… | |
| 760 | |
762 | |
| 761 | bool slow = si.prot & PROT_SLOW; |
763 | bool slow = si.prot & PROT_SLOW; |
| 762 | |
764 | |
| 763 | if (si.prot && !si.host) |
765 | if (si.prot && !si.host) |
| 764 | { |
766 | { |
|
|
767 | slog (L_TRACE, _("%s: connection request (indirect)"), conf->nodename); |
| 765 | /*TODO*/ /* start the timer so we don't recurse endlessly */ |
768 | /*TODO*/ /* start the timer so we don't recurse endlessly */ |
| 766 | w.start (1); |
769 | w.start (1); |
| 767 | vpn->send_connect_request (conf->id); |
770 | vpn->send_connect_request (conf->id); |
| 768 | } |
771 | } |
| 769 | else |
772 | else |
| 770 | { |
773 | { |
|
|
774 | slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx); |
|
|
775 | |
| 771 | const sockinfo &dsi = forward_si (si); |
776 | const sockinfo &dsi = forward_si (si); |
| 772 | |
777 | |
| 773 | slow = slow || (dsi.prot & PROT_SLOW); |
778 | slow = slow || (dsi.prot & PROT_SLOW); |
| 774 | |
779 | |
| 775 | if (dsi.valid () && auth_rate_limiter.can (dsi)) |
780 | if (dsi.valid () && auth_rate_limiter.can (dsi)) |
| … | |
… | |
| 887 | { |
892 | { |
| 888 | last_activity = ev::ev_now (); |
893 | last_activity = ev::ev_now (); |
| 889 | |
894 | |
| 890 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
895 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
| 891 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
896 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
|
|
897 | |
|
|
898 | if (connectmode == conf_node::C_DISABLED) |
|
|
899 | return; |
| 892 | |
900 | |
| 893 | switch (pkt->typ ()) |
901 | switch (pkt->typ ()) |
| 894 | { |
902 | { |
| 895 | case vpn_packet::PT_PING: |
903 | case vpn_packet::PT_PING: |
| 896 | // we send pings instead of auth packets after some retries, |
904 | // we send pings instead of auth packets after some retries, |
