… | |
… | |
82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
84 | EVP_MD_CTX_cleanup (&ctx); |
84 | EVP_MD_CTX_cleanup (&ctx); |
85 | } |
85 | } |
86 | |
86 | |
87 | struct rsa_entry { |
87 | struct rsa_entry |
|
|
88 | { |
88 | tstamp expire; |
89 | tstamp expire; |
89 | rsaid id; |
90 | rsaid id; |
90 | rsachallenge chg; |
91 | rsachallenge chg; |
91 | }; |
92 | }; |
92 | |
93 | |
93 | struct rsa_cache : list<rsa_entry> |
94 | struct rsa_cache : list<rsa_entry> |
94 | { |
95 | { |
95 | void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner; |
96 | inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner; |
96 | |
97 | |
97 | bool find (const rsaid &id, rsachallenge &chg) |
98 | bool find (const rsaid &id, rsachallenge &chg) |
98 | { |
99 | { |
99 | for (iterator i = begin (); i != end (); ++i) |
100 | for (iterator i = begin (); i != end (); ++i) |
100 | { |
101 | { |
… | |
… | |
129 | if (!cleaner.is_active ()) |
130 | if (!cleaner.is_active ()) |
130 | cleaner.again (); |
131 | cleaner.again (); |
131 | } |
132 | } |
132 | |
133 | |
133 | rsa_cache () |
134 | rsa_cache () |
134 | : cleaner (this, &rsa_cache::cleaner_cb) |
|
|
135 | { |
135 | { |
|
|
136 | cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this); |
136 | cleaner.set (RSA_TTL, RSA_TTL); |
137 | cleaner.set (RSA_TTL, RSA_TTL); |
137 | } |
138 | } |
138 | |
139 | |
139 | } rsa_cache; |
140 | } rsa_cache; |
140 | |
141 | |
… | |
… | |
191 | { |
192 | { |
192 | for (i = QUEUEDEPTH; --i > 0; ) |
193 | for (i = QUEUEDEPTH; --i > 0; ) |
193 | delete queue[i]; |
194 | delete queue[i]; |
194 | } |
195 | } |
195 | |
196 | |
196 | struct net_rateinfo { |
197 | struct net_rateinfo |
|
|
198 | { |
197 | u32 host; |
199 | u32 host; |
198 | double pcnt, diff; |
200 | double pcnt, diff; |
199 | tstamp last; |
201 | tstamp last; |
200 | }; |
202 | }; |
201 | |
203 | |
… | |
… | |
743 | send_vpn_packet (r, si); |
745 | send_vpn_packet (r, si); |
744 | |
746 | |
745 | delete r; |
747 | delete r; |
746 | } |
748 | } |
747 | |
749 | |
748 | void |
750 | inline void |
749 | connection::establish_connection_cb (ev::timer &w, int revents) |
751 | connection::establish_connection_cb (ev::timer &w, int revents) |
750 | { |
752 | { |
751 | if (!ictx |
753 | if (!ictx |
752 | && conf != THISNODE |
754 | && conf != THISNODE |
753 | && connectmode != conf_node::C_NEVER |
755 | && connectmode != conf_node::C_NEVER |
… | |
… | |
804 | { |
806 | { |
805 | slog (L_INFO, _("%s(%s): connection lost"), |
807 | slog (L_INFO, _("%s(%s): connection lost"), |
806 | conf->nodename, (const char *)si); |
808 | conf->nodename, (const char *)si); |
807 | |
809 | |
808 | if (::conf.script_node_down) |
810 | if (::conf.script_node_down) |
809 | if (!run_script (run_script_cb (this, &connection::script_node_down), false)) |
811 | { |
|
|
812 | run_script_cb cb; |
|
|
813 | cb.set<connection, &connection::script_node_down> (this); |
|
|
814 | if (!run_script (cb, false)) |
810 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
815 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
|
|
816 | } |
811 | } |
817 | } |
812 | |
818 | |
813 | delete ictx; ictx = 0; |
819 | delete ictx; ictx = 0; |
814 | delete octx; octx = 0; |
820 | delete octx; octx = 0; |
815 | #if ENABLE_DNS |
821 | #if ENABLE_DNS |
… | |
… | |
833 | send_reset (si); |
839 | send_reset (si); |
834 | |
840 | |
835 | reset_connection (); |
841 | reset_connection (); |
836 | } |
842 | } |
837 | |
843 | |
838 | void |
844 | inline void |
839 | connection::rekey_cb (ev::timer &w, int revents) |
845 | connection::rekey_cb (ev::timer &w, int revents) |
840 | { |
846 | { |
841 | reset_connection (); |
847 | reset_connection (); |
842 | establish_connection (); |
848 | establish_connection (); |
843 | } |
849 | } |
… | |
… | |
1039 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
1045 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
1040 | conf->nodename, (const char *)rsi, |
1046 | conf->nodename, (const char *)rsi, |
1041 | p->prot_major, p->prot_minor); |
1047 | p->prot_major, p->prot_minor); |
1042 | |
1048 | |
1043 | if (::conf.script_node_up) |
1049 | if (::conf.script_node_up) |
1044 | if (!run_script (run_script_cb (this, &connection::script_node_up), false)) |
1050 | { |
|
|
1051 | run_script_cb cb; |
|
|
1052 | cb.set<connection, &connection::script_node_up> (this); |
|
|
1053 | if (!run_script (cb, false)) |
1045 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
1054 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
|
|
1055 | } |
1046 | |
1056 | |
1047 | break; |
1057 | break; |
1048 | } |
1058 | } |
1049 | else |
1059 | else |
1050 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
1060 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
… | |
… | |
1166 | send_reset (rsi); |
1176 | send_reset (rsi); |
1167 | break; |
1177 | break; |
1168 | } |
1178 | } |
1169 | } |
1179 | } |
1170 | |
1180 | |
|
|
1181 | inline void |
1171 | void connection::keepalive_cb (ev::timer &w, int revents) |
1182 | connection::keepalive_cb (ev::timer &w, int revents) |
1172 | { |
1183 | { |
1173 | if (ev_now () >= last_activity + ::conf.keepalive + 30) |
1184 | if (ev_now () >= last_activity + ::conf.keepalive + 30) |
1174 | { |
1185 | { |
1175 | reset_connection (); |
1186 | reset_connection (); |
1176 | establish_connection (); |
1187 | establish_connection (); |
… | |
… | |
1221 | asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env); |
1232 | asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env); |
1222 | asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env); |
1233 | asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env); |
1223 | asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env); |
1234 | asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env); |
1224 | } |
1235 | } |
1225 | |
1236 | |
|
|
1237 | inline const char * |
1226 | const char *connection::script_node_up () |
1238 | connection::script_node_up () |
1227 | { |
1239 | { |
1228 | script_init_connect_env (); |
1240 | script_init_connect_env (); |
1229 | |
1241 | |
1230 | putenv ((char *)"STATE=up"); |
1242 | putenv ((char *)"STATE=up"); |
1231 | |
1243 | |
… | |
… | |
1236 | ::conf.script_node_up ? ::conf.script_node_up : "node-up"); |
1248 | ::conf.script_node_up ? ::conf.script_node_up : "node-up"); |
1237 | |
1249 | |
1238 | return filename; |
1250 | return filename; |
1239 | } |
1251 | } |
1240 | |
1252 | |
|
|
1253 | inline const char * |
1241 | const char *connection::script_node_down () |
1254 | connection::script_node_down () |
1242 | { |
1255 | { |
1243 | script_init_connect_env (); |
1256 | script_init_connect_env (); |
1244 | |
1257 | |
1245 | putenv ((char *)"STATE=down"); |
1258 | putenv ((char *)"STATE=down"); |
1246 | |
1259 | |
… | |
… | |
1253 | return filename; |
1266 | return filename; |
1254 | } |
1267 | } |
1255 | |
1268 | |
1256 | connection::connection (struct vpn *vpn, conf_node *conf) |
1269 | connection::connection (struct vpn *vpn, conf_node *conf) |
1257 | : vpn(vpn), conf(conf) |
1270 | : vpn(vpn), conf(conf) |
1258 | , rekey (this, &connection::rekey_cb) |
|
|
1259 | , keepalive (this, &connection::keepalive_cb) |
|
|
1260 | , establish_connection (this, &connection::establish_connection_cb) |
|
|
1261 | #if ENABLE_DNS |
1271 | #if ENABLE_DNS |
1262 | , dns (0) |
1272 | , dns (0) |
1263 | #endif |
1273 | #endif |
1264 | { |
1274 | { |
|
|
1275 | rekey .set<connection, &connection::rekey_cb > (this); |
|
|
1276 | keepalive .set<connection, &connection::keepalive_cb > (this); |
|
|
1277 | establish_connection.set<connection, &connection::establish_connection_cb> (this); |
|
|
1278 | |
1265 | octx = ictx = 0; |
1279 | octx = ictx = 0; |
1266 | retry_cnt = 0; |
1280 | retry_cnt = 0; |
1267 | |
1281 | |
1268 | if (!conf->protocols) // make sure some protocol is enabled |
1282 | if (!conf->protocols) // make sure some protocol is enabled |
1269 | conf->protocols = PROT_UDPv4; |
1283 | conf->protocols = PROT_UDPv4; |