
Comparing gvpe/src/connection.C (file contents):
Revision 1.60 by pcg, Sat Nov 10 05:14:22 2007 UTC vs.
Revision 1.64 by pcg, Tue Dec 4 15:01:12 2007 UTC

82 require (EVP_DigestUpdate(&ctx, &id, sizeof id)); 82 require (EVP_DigestUpdate(&ctx, &id, sizeof id));
83 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); 83 require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0));
84 EVP_MD_CTX_cleanup (&ctx); 84 EVP_MD_CTX_cleanup (&ctx);
85} 85}
86 86
87struct rsa_entry { 87struct rsa_entry
88{
88 tstamp expire; 89 tstamp expire;
89 rsaid id; 90 rsaid id;
90 rsachallenge chg; 91 rsachallenge chg;
91}; 92};
92 93
96 97
97 bool find (const rsaid &id, rsachallenge &chg) 98 bool find (const rsaid &id, rsachallenge &chg)
98 { 99 {
99 for (iterator i = begin (); i != end (); ++i) 100 for (iterator i = begin (); i != end (); ++i)
100 { 101 {
101 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev::ev_now ()) 102 if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ())
102 { 103 {
103 memcpy (&chg, &i->chg, sizeof chg); 104 memcpy (&chg, &i->chg, sizeof chg);
104 105
105 erase (i); 106 erase (i);
106 return true; 107 return true;
118 rsa_entry e; 119 rsa_entry e;
119 120
120 RAND_bytes ((unsigned char *)&id, sizeof id); 121 RAND_bytes ((unsigned char *)&id, sizeof id);
121 RAND_bytes ((unsigned char *)&chg, sizeof chg); 122 RAND_bytes ((unsigned char *)&chg, sizeof chg);
122 123
123 e.expire = ev::ev_now () + RSA_TTL; 124 e.expire = ev_now () + RSA_TTL;
124 e.id = id; 125 e.id = id;
125 memcpy (&e.chg, &chg, sizeof chg); 126 memcpy (&e.chg, &chg, sizeof chg);
126 127
127 push_back (e); 128 push_back (e);
128 129
143 if (empty ()) 144 if (empty ())
144 w.stop (); 145 w.stop ();
145 else 146 else
146 { 147 {
147 for (iterator i = begin (); i != end (); ) 148 for (iterator i = begin (); i != end (); )
148 if (i->expire <= ev::ev_now ()) 149 if (i->expire <= ev_now ())
149 i = erase (i); 150 i = erase (i);
150 else 151 else
151 ++i; 152 ++i;
152 } 153 }
153} 154}
191{ 192{
192 for (i = QUEUEDEPTH; --i > 0; ) 193 for (i = QUEUEDEPTH; --i > 0; )
193 delete queue[i]; 194 delete queue[i];
194} 195}
195 196
196struct net_rateinfo { 197struct net_rateinfo
198{
197 u32 host; 199 u32 host;
198 double pcnt, diff; 200 double pcnt, diff;
199 tstamp last; 201 tstamp last;
200}; 202};
201 203
220 iterator i; 222 iterator i;
221 223
222 for (i = begin (); i != end (); ) 224 for (i = begin (); i != end (); )
223 if (i->host == host) 225 if (i->host == host)
224 break; 226 break;
225 else if (i->last < ev::ev_now () - NRL_EXPIRE) 227 else if (i->last < ev_now () - NRL_EXPIRE)
226 i = erase (i); 228 i = erase (i);
227 else 229 else
228 i++; 230 i++;
229 231
230 if (i == end ()) 232 if (i == end ())
232 net_rateinfo ri; 234 net_rateinfo ri;
233 235
234 ri.host = host; 236 ri.host = host;
235 ri.pcnt = 1.; 237 ri.pcnt = 1.;
236 ri.diff = NRL_MAXDIF; 238 ri.diff = NRL_MAXDIF;
237 ri.last = ev::ev_now (); 239 ri.last = ev_now ();
238 240
239 push_front (ri); 241 push_front (ri);
240 242
241 return true; 243 return true;
242 } 244 }
244 { 246 {
245 net_rateinfo ri (*i); 247 net_rateinfo ri (*i);
246 erase (i); 248 erase (i);
247 249
248 ri.pcnt = ri.pcnt * NRL_ALPHA; 250 ri.pcnt = ri.pcnt * NRL_ALPHA;
249 ri.diff = ri.diff * NRL_ALPHA + (ev::ev_now () - ri.last); 251 ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last);
250 252
251 ri.last = ev::ev_now (); 253 ri.last = ev_now ();
252 254
253 double dif = ri.diff / ri.pcnt; 255 double dif = ri.diff / ri.pcnt;
254 256
255 bool send = dif > NRL_CUTOFF; 257 bool send = dif > NRL_CUTOFF;
256 258
584///////////////////////////////////////////////////////////////////////////// 586/////////////////////////////////////////////////////////////////////////////
585 587
586void 588void
587connection::connection_established () 589connection::connection_established ()
588{ 590{
591 slog (L_TRACE, _("%s: possible connection establish (ictx %d, octx %d)"), conf->nodename, !!ictx, !!octx);
592
589 if (ictx && octx) 593 if (ictx && octx)
590 { 594 {
591 connectmode = conf->connectmode; 595 connectmode = conf->connectmode;
592 596
593 // make sure rekeying timeouts are slightly asymmetric 597 // make sure rekeying timeouts are slightly asymmetric
760 764
761 bool slow = si.prot & PROT_SLOW; 765 bool slow = si.prot & PROT_SLOW;
762 766
763 if (si.prot && !si.host) 767 if (si.prot && !si.host)
764 { 768 {
769 slog (L_TRACE, _("%s: connection request (indirect)"), conf->nodename);
765 /*TODO*/ /* start the timer so we don't recurse endlessly */ 770 /*TODO*/ /* start the timer so we don't recurse endlessly */
766 w.start (1); 771 w.start (1);
767 vpn->send_connect_request (conf->id); 772 vpn->send_connect_request (conf->id);
768 } 773 }
769 else 774 else
770 { 775 {
776 slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx);
777
771 const sockinfo &dsi = forward_si (si); 778 const sockinfo &dsi = forward_si (si);
772 779
773 slow = slow || (dsi.prot & PROT_SLOW); 780 slow = slow || (dsi.prot & PROT_SLOW);
774 781
775 if (dsi.valid () && auth_rate_limiter.can (dsi)) 782 if (dsi.valid () && auth_rate_limiter.can (dsi))
799 { 806 {
800 slog (L_INFO, _("%s(%s): connection lost"), 807 slog (L_INFO, _("%s(%s): connection lost"),
801 conf->nodename, (const char *)si); 808 conf->nodename, (const char *)si);
802 809
803 if (::conf.script_node_down) 810 if (::conf.script_node_down)
804 if (!run_script (run_script_cb (this, &connection::script_node_down), false)) 811 {
812 run_script_cb cb;
813 callback_set (cb, this, connection, script_node_down);
814 if (!run_script (cb, false))
805 slog (L_WARN, _("node-down command execution failed, continuing.")); 815 slog (L_WARN, _("node-down command execution failed, continuing."));
816 }
806 } 817 }
807 818
808 delete ictx; ictx = 0; 819 delete ictx; ictx = 0;
809 delete octx; octx = 0; 820 delete octx; octx = 0;
810#if ENABLE_DNS 821#if ENABLE_DNS
883} 894}
884 895
885void 896void
886connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) 897connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi)
887{ 898{
888 last_activity = ev::ev_now (); 899 last_activity = ev_now ();
889 900
890 slog (L_NOISE, "<<%d received packet type %d from %d to %d", 901 slog (L_NOISE, "<<%d received packet type %d from %d to %d",
891 conf->id, pkt->typ (), pkt->src (), pkt->dst ()); 902 conf->id, pkt->typ (), pkt->src (), pkt->dst ());
903
904 if (connectmode == conf_node::C_DISABLED)
905 return;
892 906
893 switch (pkt->typ ()) 907 switch (pkt->typ ())
894 { 908 {
895 case vpn_packet::PT_PING: 909 case vpn_packet::PT_PING:
896 // we send pings instead of auth packets after some retries, 910 // we send pings instead of auth packets after some retries,
1031 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), 1045 slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"),
1032 conf->nodename, (const char *)rsi, 1046 conf->nodename, (const char *)rsi,
1033 p->prot_major, p->prot_minor); 1047 p->prot_major, p->prot_minor);
1034 1048
1035 if (::conf.script_node_up) 1049 if (::conf.script_node_up)
1036 if (!run_script (run_script_cb (this, &connection::script_node_up), false)) 1050 {
1051 run_script_cb cb;
1052 callback_set (cb, this, connection, script_node_up);
1053 if (!run_script (cb, false))
1037 slog (L_WARN, _("node-up command execution failed, continuing.")); 1054 slog (L_WARN, _("node-up command execution failed, continuing."));
1055 }
1038 1056
1039 break; 1057 break;
1040 } 1058 }
1041 else 1059 else
1042 slog (L_ERR, _("%s(%s): sent and received challenge do not match"), 1060 slog (L_ERR, _("%s(%s): sent and received challenge do not match"),
1160 } 1178 }
1161} 1179}
1162 1180
1163void connection::keepalive_cb (ev::timer &w, int revents) 1181void connection::keepalive_cb (ev::timer &w, int revents)
1164{ 1182{
1165 if (ev::ev_now () >= last_activity + ::conf.keepalive + 30) 1183 if (ev_now () >= last_activity + ::conf.keepalive + 30)
1166 { 1184 {
1167 reset_connection (); 1185 reset_connection ();
1168 establish_connection (); 1186 establish_connection ();
1169 } 1187 }
1170 else if (ev::ev_now () < last_activity + ::conf.keepalive) 1188 else if (ev_now () < last_activity + ::conf.keepalive)
1171 w.start (last_activity + ::conf.keepalive - ev::now ()); 1189 w.start (last_activity + ::conf.keepalive - ev::now ());
1172 else if (conf->connectmode != conf_node::C_ONDEMAND 1190 else if (conf->connectmode != conf_node::C_ONDEMAND
1173 || THISNODE->connectmode != conf_node::C_ONDEMAND) 1191 || THISNODE->connectmode != conf_node::C_ONDEMAND)
1174 { 1192 {
1175 send_ping (si); 1193 send_ping (si);
1176 w.start (5); 1194 w.start (5);
1177 } 1195 }
1178 else if (ev::ev_now () < last_activity + ::conf.keepalive + 10) 1196 else if (ev_now () < last_activity + ::conf.keepalive + 10)
1179 // hold ondemand connections implicitly a few seconds longer 1197 // hold ondemand connections implicitly a few seconds longer
1180 // should delete octx, though, or something like that ;) 1198 // should delete octx, though, or something like that ;)
1181 w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); 1199 w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1182 else 1200 else
1183 reset_connection (); 1201 reset_connection ();
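Review bot: The new trace call at line 776 of the new side, `slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename, !!ictx, !!octx);`, passes two surplus arguments (`!!ictx`, `!!octx`) that the format string has no conversions for, apparently copied from the "possible connection establish" trace at new line 591 where the format does consume them; it should read `slog (L_TRACE, _("%s: connection request (direct)"), conf->nodename);` or the format should gain the `(ictx %d, octx %d)` part so the logged values are not silently dropped. A format/argument mismatch is easy to miss here because it compiles cleanly and only a format-checking warning would catch it. Separately, in recv_vpn_packet the new `if (connectmode == conf_node::C_DISABLED) return;` at new line 904 sits after `last_activity = ev_now ();`, so a packet for a disabled connection still refreshes its activity timestamp before being ignored; if that is not intended, moving the check above the assignment keeps keepalive_cb from seeing activity on a disabled node. Both enclosing functions start and end outside the visible hunks.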
