| … | |
… | |
| 82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
82 | require (EVP_DigestUpdate(&ctx, &id, sizeof id)); |
| 83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
83 | require (EVP_DigestFinal (&ctx, (unsigned char *)&h, 0)); |
| 84 | EVP_MD_CTX_cleanup (&ctx); |
84 | EVP_MD_CTX_cleanup (&ctx); |
| 85 | } |
85 | } |
| 86 | |
86 | |
| 87 | struct rsa_entry { |
87 | struct rsa_entry |
|
|
88 | { |
| 88 | tstamp expire; |
89 | tstamp expire; |
| 89 | rsaid id; |
90 | rsaid id; |
| 90 | rsachallenge chg; |
91 | rsachallenge chg; |
| 91 | }; |
92 | }; |
| 92 | |
93 | |
| 93 | struct rsa_cache : list<rsa_entry> |
94 | struct rsa_cache : list<rsa_entry> |
| 94 | { |
95 | { |
| 95 | void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner; |
96 | inline void cleaner_cb (ev::timer &w, int revents); ev::timer cleaner; |
| 96 | |
97 | |
| 97 | bool find (const rsaid &id, rsachallenge &chg) |
98 | bool find (const rsaid &id, rsachallenge &chg) |
| 98 | { |
99 | { |
| 99 | for (iterator i = begin (); i != end (); ++i) |
100 | for (iterator i = begin (); i != end (); ++i) |
| 100 | { |
101 | { |
| … | |
… | |
| 129 | if (!cleaner.is_active ()) |
130 | if (!cleaner.is_active ()) |
| 130 | cleaner.again (); |
131 | cleaner.again (); |
| 131 | } |
132 | } |
| 132 | |
133 | |
| 133 | rsa_cache () |
134 | rsa_cache () |
| 134 | : cleaner (this, &rsa_cache::cleaner_cb) |
|
|
| 135 | { |
135 | { |
|
|
136 | cleaner.set<rsa_cache, &rsa_cache::cleaner_cb> (this); |
| 136 | cleaner.set (RSA_TTL, RSA_TTL); |
137 | cleaner.set (RSA_TTL, RSA_TTL); |
| 137 | } |
138 | } |
| 138 | |
139 | |
| 139 | } rsa_cache; |
140 | } rsa_cache; |
| 140 | |
141 | |
| … | |
… | |
| 191 | { |
192 | { |
| 192 | for (i = QUEUEDEPTH; --i > 0; ) |
193 | for (i = QUEUEDEPTH; --i > 0; ) |
| 193 | delete queue[i]; |
194 | delete queue[i]; |
| 194 | } |
195 | } |
| 195 | |
196 | |
| 196 | struct net_rateinfo { |
197 | struct net_rateinfo |
|
|
198 | { |
| 197 | u32 host; |
199 | u32 host; |
| 198 | double pcnt, diff; |
200 | double pcnt, diff; |
| 199 | tstamp last; |
201 | tstamp last; |
| 200 | }; |
202 | }; |
| 201 | |
203 | |
| … | |
… | |
| 743 | send_vpn_packet (r, si); |
745 | send_vpn_packet (r, si); |
| 744 | |
746 | |
| 745 | delete r; |
747 | delete r; |
| 746 | } |
748 | } |
| 747 | |
749 | |
| 748 | void |
750 | inline void |
| 749 | connection::establish_connection_cb (ev::timer &w, int revents) |
751 | connection::establish_connection_cb (ev::timer &w, int revents) |
| 750 | { |
752 | { |
| 751 | if (!ictx |
753 | if (!ictx |
| 752 | && conf != THISNODE |
754 | && conf != THISNODE |
| 753 | && connectmode != conf_node::C_NEVER |
755 | && connectmode != conf_node::C_NEVER |
| … | |
… | |
| 804 | { |
806 | { |
| 805 | slog (L_INFO, _("%s(%s): connection lost"), |
807 | slog (L_INFO, _("%s(%s): connection lost"), |
| 806 | conf->nodename, (const char *)si); |
808 | conf->nodename, (const char *)si); |
| 807 | |
809 | |
| 808 | if (::conf.script_node_down) |
810 | if (::conf.script_node_down) |
| 809 | if (!run_script (run_script_cb (this, &connection::script_node_down), false)) |
811 | { |
|
|
812 | run_script_cb cb; |
|
|
813 | cb.set<connection, &connection::script_node_down> (this); |
|
|
814 | if (!run_script (cb, false)) |
| 810 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
815 | slog (L_WARN, _("node-down command execution failed, continuing.")); |
|
|
816 | } |
| 811 | } |
817 | } |
| 812 | |
818 | |
| 813 | delete ictx; ictx = 0; |
819 | delete ictx; ictx = 0; |
| 814 | delete octx; octx = 0; |
820 | delete octx; octx = 0; |
| 815 | #if ENABLE_DNS |
821 | #if ENABLE_DNS |
| … | |
… | |
| 833 | send_reset (si); |
839 | send_reset (si); |
| 834 | |
840 | |
| 835 | reset_connection (); |
841 | reset_connection (); |
| 836 | } |
842 | } |
| 837 | |
843 | |
| 838 | void |
844 | inline void |
| 839 | connection::rekey_cb (ev::timer &w, int revents) |
845 | connection::rekey_cb (ev::timer &w, int revents) |
| 840 | { |
846 | { |
| 841 | reset_connection (); |
847 | reset_connection (); |
| 842 | establish_connection (); |
848 | establish_connection (); |
| 843 | } |
849 | } |
| … | |
… | |
| 1039 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
1045 | slog (L_INFO, _("%s(%s): connection established, protocol version %d.%d"), |
| 1040 | conf->nodename, (const char *)rsi, |
1046 | conf->nodename, (const char *)rsi, |
| 1041 | p->prot_major, p->prot_minor); |
1047 | p->prot_major, p->prot_minor); |
| 1042 | |
1048 | |
| 1043 | if (::conf.script_node_up) |
1049 | if (::conf.script_node_up) |
| 1044 | if (!run_script (run_script_cb (this, &connection::script_node_up), false)) |
1050 | { |
|
|
1051 | run_script_cb cb; |
|
|
1052 | cb.set<connection, &connection::script_node_up> (this); |
|
|
1053 | if (!run_script (cb, false)) |
| 1045 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
1054 | slog (L_WARN, _("node-up command execution failed, continuing.")); |
|
|
1055 | } |
| 1046 | |
1056 | |
| 1047 | break; |
1057 | break; |
| 1048 | } |
1058 | } |
| 1049 | else |
1059 | else |
| 1050 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
1060 | slog (L_ERR, _("%s(%s): sent and received challenge do not match"), |
| … | |
… | |
| 1166 | send_reset (rsi); |
1176 | send_reset (rsi); |
| 1167 | break; |
1177 | break; |
| 1168 | } |
1178 | } |
| 1169 | } |
1179 | } |
| 1170 | |
1180 | |
|
|
1181 | inline void |
| 1171 | void connection::keepalive_cb (ev::timer &w, int revents) |
1182 | connection::keepalive_cb (ev::timer &w, int revents) |
| 1172 | { |
1183 | { |
| 1173 | if (ev_now () >= last_activity + ::conf.keepalive + 30) |
1184 | if (ev_now () >= last_activity + ::conf.keepalive + 30) |
| 1174 | { |
1185 | { |
| 1175 | reset_connection (); |
1186 | reset_connection (); |
| 1176 | establish_connection (); |
1187 | establish_connection (); |
| … | |
… | |
| 1221 | asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env); |
1232 | asprintf (&env, "DESTNODE=%s", conf->nodename); putenv (env); |
| 1222 | asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env); |
1233 | asprintf (&env, "DESTIP=%s", si.ntoa ()); putenv (env); |
| 1223 | asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env); |
1234 | asprintf (&env, "DESTPORT=%d", ntohs (si.port)); putenv (env); |
| 1224 | } |
1235 | } |
| 1225 | |
1236 | |
|
|
1237 | inline const char * |
| 1226 | const char *connection::script_node_up () |
1238 | connection::script_node_up () |
| 1227 | { |
1239 | { |
| 1228 | script_init_connect_env (); |
1240 | script_init_connect_env (); |
| 1229 | |
1241 | |
| 1230 | putenv ((char *)"STATE=up"); |
1242 | putenv ((char *)"STATE=up"); |
| 1231 | |
1243 | |
| … | |
… | |
| 1236 | ::conf.script_node_up ? ::conf.script_node_up : "node-up"); |
1248 | ::conf.script_node_up ? ::conf.script_node_up : "node-up"); |
| 1237 | |
1249 | |
| 1238 | return filename; |
1250 | return filename; |
| 1239 | } |
1251 | } |
| 1240 | |
1252 | |
|
|
1253 | inline const char * |
| 1241 | const char *connection::script_node_down () |
1254 | connection::script_node_down () |
| 1242 | { |
1255 | { |
| 1243 | script_init_connect_env (); |
1256 | script_init_connect_env (); |
| 1244 | |
1257 | |
| 1245 | putenv ((char *)"STATE=down"); |
1258 | putenv ((char *)"STATE=down"); |
| 1246 | |
1259 | |
| … | |
… | |
| 1253 | return filename; |
1266 | return filename; |
| 1254 | } |
1267 | } |
| 1255 | |
1268 | |
| 1256 | connection::connection (struct vpn *vpn, conf_node *conf) |
1269 | connection::connection (struct vpn *vpn, conf_node *conf) |
| 1257 | : vpn(vpn), conf(conf) |
1270 | : vpn(vpn), conf(conf) |
| 1258 | , rekey (this, &connection::rekey_cb) |
|
|
| 1259 | , keepalive (this, &connection::keepalive_cb) |
|
|
| 1260 | , establish_connection (this, &connection::establish_connection_cb) |
|
|
| 1261 | #if ENABLE_DNS |
1271 | #if ENABLE_DNS |
| 1262 | , dns (0) |
1272 | , dns (0) |
| 1263 | #endif |
1273 | #endif |
| 1264 | { |
1274 | { |
|
|
1275 | rekey .set<connection, &connection::rekey_cb > (this); |
|
|
1276 | keepalive .set<connection, &connection::keepalive_cb > (this); |
|
|
1277 | establish_connection.set<connection, &connection::establish_connection_cb> (this); |
|
|
1278 | |
| 1265 | octx = ictx = 0; |
1279 | octx = ictx = 0; |
| 1266 | retry_cnt = 0; |
1280 | retry_cnt = 0; |
| 1267 | |
1281 | |
| 1268 | if (!conf->protocols) // make sure some protocol is enabled |
1282 | if (!conf->protocols) // make sure some protocol is enabled |
| 1269 | conf->protocols = PROT_UDPv4; |
1283 | conf->protocols = PROT_UDPv4; |
