… | |
… | |
82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
84 | EVP_MD_CTX_cleanup (&ctx); |
84 | EVP_MD_CTX_cleanup (&ctx); |
85 | } |
85 | } |
86 | |
86 | |
87 | struct rsa_entry { |
87 | struct rsa_entry |
|
|
88 | { |
88 | tstamp expire; |
89 | tstamp expire; |
89 | rsaid id; |
90 | rsaid id; |
90 | rsachallenge chg; |
91 | rsachallenge chg; |
91 | }; |
92 | }; |
92 | |
93 | |
… | |
… | |
96 | |
97 | |
97 | bool find (const rsaid &id, rsachallenge &chg) |
98 | bool find (const rsaid &id, rsachallenge &chg) |
98 | { |
99 | { |
99 | for (iterator i = begin (); i != end (); ++i) |
100 | for (iterator i = begin (); i != end (); ++i) |
100 | { |
101 | { |
101 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev::ev_now ()) |
102 | if (!memcmp (&id, &i->id, sizeof id) && i->expire > ev_now ()) |
102 | { |
103 | { |
103 | memcpy (&chg, &i->chg, sizeof chg); |
104 | memcpy (&chg, &i->chg, sizeof chg); |
104 | |
105 | |
105 | erase (i); |
106 | erase (i); |
106 | return true; |
107 | return true; |
… | |
… | |
118 | rsa_entry e; |
119 | rsa_entry e; |
119 | |
120 | |
120 | RAND_bytes ((unsigned char *)&id, sizeof id); |
121 | RAND_bytes ((unsigned char *)&id, sizeof id); |
121 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
122 | RAND_bytes ((unsigned char *)&chg, sizeof chg); |
122 | |
123 | |
123 | e.expire = ev::ev_now () + RSA_TTL; |
124 | e.expire = ev_now () + RSA_TTL; |
124 | e.id = id; |
125 | e.id = id; |
125 | memcpy (&e.chg, &chg, sizeof chg); |
126 | memcpy (&e.chg, &chg, sizeof chg); |
126 | |
127 | |
127 | push_back (e); |
128 | push_back (e); |
128 | |
129 | |
… | |
… | |
143 | if (empty ()) |
144 | if (empty ()) |
144 | w.stop (); |
145 | w.stop (); |
145 | else |
146 | else |
146 | { |
147 | { |
147 | for (iterator i = begin (); i != end (); ) |
148 | for (iterator i = begin (); i != end (); ) |
148 | if (i->expire <= ev::ev_now ()) |
149 | if (i->expire <= ev_now ()) |
149 | i = erase (i); |
150 | i = erase (i); |
150 | else |
151 | else |
151 | ++i; |
152 | ++i; |
152 | } |
153 | } |
153 | } |
154 | } |
… | |
… | |
191 | { |
192 | { |
192 | for (i = QUEUEDEPTH; --i > 0; ) |
193 | for (i = QUEUEDEPTH; --i > 0; ) |
193 | delete queue[i]; |
194 | delete queue[i]; |
194 | } |
195 | } |
195 | |
196 | |
196 | struct net_rateinfo { |
197 | struct net_rateinfo |
|
|
198 | { |
197 | u32 host; |
199 | u32 host; |
198 | double pcnt, diff; |
200 | double pcnt, diff; |
199 | tstamp last; |
201 | tstamp last; |
200 | }; |
202 | }; |
201 | |
203 | |
… | |
… | |
220 | iterator i; |
222 | iterator i; |
221 | |
223 | |
222 | for (i = begin (); i != end (); ) |
224 | for (i = begin (); i != end (); ) |
223 | if (i->host == host) |
225 | if (i->host == host) |
224 | break; |
226 | break; |
225 | else if (i->last < ev::ev_now () - NRL_EXPIRE) |
227 | else if (i->last < ev_now () - NRL_EXPIRE) |
226 | i = erase (i); |
228 | i = erase (i); |
227 | else |
229 | else |
228 | i++; |
230 | i++; |
229 | |
231 | |
230 | if (i == end ()) |
232 | if (i == end ()) |
… | |
… | |
232 | net_rateinfo ri; |
234 | net_rateinfo ri; |
233 | |
235 | |
234 | ri.host = host; |
236 | ri.host = host; |
235 | ri.pcnt = 1.; |
237 | ri.pcnt = 1.; |
236 | ri.diff = NRL_MAXDIF; |
238 | ri.diff = NRL_MAXDIF; |
237 | ri.last = ev::ev_now (); |
239 | ri.last = ev_now (); |
238 | |
240 | |
239 | push_front (ri); |
241 | push_front (ri); |
240 | |
242 | |
241 | return true; |
243 | return true; |
242 | } |
244 | } |
… | |
… | |
244 | { |
246 | { |
245 | net_rateinfo ri (*i); |
247 | net_rateinfo ri (*i); |
246 | erase (i); |
248 | erase (i); |
247 | |
249 | |
248 | ri.pcnt = ri.pcnt * NRL_ALPHA; |
250 | ri.pcnt = ri.pcnt * NRL_ALPHA; |
249 | ri.diff = ri.diff * NRL_ALPHA + (ev::ev_now () - ri.last); |
251 | ri.diff = ri.diff * NRL_ALPHA + (ev_now () - ri.last); |
250 | |
252 | |
251 | ri.last = ev::ev_now (); |
253 | ri.last = ev_now (); |
252 | |
254 | |
253 | double dif = ri.diff / ri.pcnt; |
255 | double dif = ri.diff / ri.pcnt; |
254 | |
256 | |
255 | bool send = dif > NRL_CUTOFF; |
257 | bool send = dif > NRL_CUTOFF; |
256 | |
258 | |
… | |
… | |
804 | { |
806 | { |
805 | slog (L_INFO, _("%s(%s): connection lost"), |
807 | slog (L_INFO, _("%s(%s): connection lost"), |
806 | conf->nodename, (const char *)si); |
808 | conf->nodename, (const char *)si); |
807 | |
809 | |
808 | if (::conf.script_node_down) |
810 | if (::conf.script_node_down) |
809 | if (!run_script (run_script_cb (this, &connection::script_node_down), false)) |
811 | { |
|
|
812 | run_script_cb cb; |
|
|
813 | callback_set (cb, this, connection, script_node_down); |
|
|
814 | if (!run_script (cb, false)) |
810 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
815 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
|
|
816 | } |
811 | } |
817 | } |
812 | |
818 | |
813 | delete ictx; ictx = 0; |
819 | delete ictx; ictx = 0; |
814 | delete octx; octx = 0; |
820 | delete octx; octx = 0; |
815 | #if ENABLE_DNS |
821 | #if ENABLE_DNS |
… | |
… | |
888 | } |
894 | } |
889 | |
895 | |
890 | void |
896 | void |
891 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
897 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
892 | { |
898 | { |
893 | last_activity = ev::ev_now (); |
899 | last_activity = ev_now (); |
894 | |
900 | |
895 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
901 | slog (L_NOISE, "<<%d received packet type %d from %d to %d", |
896 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
902 | conf->id, pkt->typ (), pkt->src (), pkt->dst ()); |
897 | |
903 | |
898 | if (connectmode == conf_node::C_DISABLED) |
904 | if (connectmode == conf_node::C_DISABLED) |
… | |
… | |
1039 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
1045 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
1040 | conf->nodename, (const char *)rsi, |
1046 | conf->nodename, (const char *)rsi, |
1041 | p->prot_major, p->prot_minor); |
1047 | p->prot_major, p->prot_minor); |
1042 | |
1048 | |
1043 | if (::conf.script_node_up) |
1049 | if (::conf.script_node_up) |
1044 | if (!run_script (run_script_cb (this, &connection::script_node_up), false)) |
1050 | { |
|
|
1051 | run_script_cb cb; |
|
|
1052 | callback_set (cb, this, connection, script_node_up); |
|
|
1053 | if (!run_script (cb, false)) |
1045 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
1054 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
|
|
1055 | } |
1046 | |
1056 | |
1047 | break; |
1057 | break; |
1048 | } |
1058 | } |
1049 | else |
1059 | else |
1050 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
1060 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
… | |
… | |
1168 | } |
1178 | } |
1169 | } |
1179 | } |
1170 | |
1180 | |
1171 | void connection::keepalive_cb (ev::timer &w, int revents) |
1181 | void connection::keepalive_cb (ev::timer &w, int revents) |
1172 | { |
1182 | { |
1173 | if (ev::ev_now () >= last_activity + ::conf.keepalive + 30) |
1183 | if (ev_now () >= last_activity + ::conf.keepalive + 30) |
1174 | { |
1184 | { |
1175 | reset_connection (); |
1185 | reset_connection (); |
1176 | establish_connection (); |
1186 | establish_connection (); |
1177 | } |
1187 | } |
1178 | else if (ev::ev_now () < last_activity + ::conf.keepalive) |
1188 | else if (ev_now () < last_activity + ::conf.keepalive) |
1179 | w.start (last_activity + ::conf.keepalive - ev::now ()); |
1189 | w.start (last_activity + ::conf.keepalive - ev::now ()); |
1180 | else if (conf->connectmode != conf_node::C_ONDEMAND |
1190 | else if (conf->connectmode != conf_node::C_ONDEMAND |
1181 | || THISNODE->connectmode != conf_node::C_ONDEMAND) |
1191 | || THISNODE->connectmode != conf_node::C_ONDEMAND) |
1182 | { |
1192 | { |
1183 | send_ping (si); |
1193 | send_ping (si); |
1184 | w.start (5); |
1194 | w.start (5); |
1185 | } |
1195 | } |
1186 | else if (ev::ev_now () < last_activity + ::conf.keepalive + 10) |
1196 | else if (ev_now () < last_activity + ::conf.keepalive + 10) |
1187 | // hold ondemand connections implicitly a few seconds longer |
1197 | // hold ondemand connections implicitly a few seconds longer |
1188 | // should delete octx, though, or something like that ;) |
1198 | // should delete octx, though, or something like that ;) |
1189 | w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); |
1199 | w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); |
1190 | else |
1200 | else |
1191 | reset_connection (); |
1201 | reset_connection (); |