| … | |
… | |
| 546 | }; |
546 | }; |
| 547 | |
547 | |
| 548 | ///////////////////////////////////////////////////////////////////////////// |
548 | ///////////////////////////////////////////////////////////////////////////// |
| 549 | |
549 | |
| 550 | void |
550 | void |
| 551 | connection::reset_dstaddr () |
551 | connection::reset_si () |
| 552 | { |
552 | { |
| 553 | protocol = best_protocol (THISNODE->protocols & conf->protocols); |
553 | protocol = best_protocol (THISNODE->protocols & conf->protocols); |
| 554 | |
554 | |
| 555 | // mask out protocols we cannot establish |
555 | // mask out protocols we cannot establish |
| 556 | if (!conf->udp_port) protocol &= ~PROT_UDPv4; |
556 | if (!conf->udp_port) protocol &= ~PROT_UDPv4; |
| 557 | if (!conf->tcp_port) protocol &= ~PROT_TCPv4; |
557 | if (!conf->tcp_port) protocol &= ~PROT_TCPv4; |
| 558 | |
558 | |
| 559 | si.set (conf, protocol); |
559 | si.set (conf, protocol); |
|
|
560 | } |
|
|
561 | |
|
|
562 | // ensure sockinfo is valid, forward if necessary |
|
|
563 | const sockinfo & |
|
|
564 | connection::forward_si (const sockinfo &si) const |
|
|
565 | { |
|
|
566 | if (!si.valid ()) |
|
|
567 | { |
|
|
568 | connection *r = vpn->find_router (); |
|
|
569 | |
|
|
570 | if (r) |
|
|
571 | { |
|
|
572 | slog (L_DEBUG, _("%s: no common protocol, trying indirectly through %s"), |
|
|
573 | conf->nodename, r->conf->nodename); |
|
|
574 | return r->si; |
|
|
575 | } |
|
|
576 | else |
|
|
577 | slog (L_DEBUG, _("%s: node unreachable, no common protocol"), |
|
|
578 | conf->nodename); |
|
|
579 | } |
|
|
580 | |
|
|
581 | return si; |
| 560 | } |
582 | } |
| 561 | |
583 | |
| 562 | void |
584 | void |
| 563 | connection::send_ping (const sockinfo &si, u8 pong) |
585 | connection::send_ping (const sockinfo &si, u8 pong) |
| 564 | { |
586 | { |
| … | |
… | |
| 598 | conf->rsa_key, RSA_PKCS1_OAEP_PADDING)) |
620 | conf->rsa_key, RSA_PKCS1_OAEP_PADDING)) |
| 599 | fatal ("RSA_public_encrypt error"); |
621 | fatal ("RSA_public_encrypt error"); |
| 600 | |
622 | |
| 601 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
623 | slog (L_TRACE, ">>%d PT_AUTH_REQ [%s]", conf->id, (const char *)si); |
| 602 | |
624 | |
| 603 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY); // rsa is very very costly |
625 | vpn->send_vpn_packet (pkt, si, IPTOS_RELIABILITY | IPTOS_LOWDELAY); // rsa is very very costly |
|
|
626 | |
| 604 | |
627 | |
| 605 | delete pkt; |
628 | delete pkt; |
| 606 | } |
629 | } |
| 607 | |
630 | |
| 608 | void |
631 | void |
| … | |
… | |
| 651 | if (retry_int < 3600 * 8) |
674 | if (retry_int < 3600 * 8) |
| 652 | retry_cnt++; |
675 | retry_cnt++; |
| 653 | |
676 | |
| 654 | w.at = NOW + retry_int; |
677 | w.at = NOW + retry_int; |
| 655 | |
678 | |
| 656 | if (conf->hostname) |
679 | reset_si (); |
|
|
680 | |
|
|
681 | if (si.prot && !si.host) |
|
|
682 | vpn->connect_request (conf->id); |
|
|
683 | else |
| 657 | { |
684 | { |
| 658 | reset_dstaddr (); |
685 | const sockinfo &dsi = forward_si (si); |
| 659 | |
686 | |
| 660 | if (si.valid () && auth_rate_limiter.can (si)) |
687 | if (dsi.valid () && auth_rate_limiter.can (dsi)) |
| 661 | { |
688 | { |
| 662 | if (retry_cnt < 4) |
689 | if (retry_cnt < 4) |
| 663 | send_auth_request (si, true); |
690 | send_auth_request (dsi, true); |
| 664 | else |
691 | else |
| 665 | send_ping (si, 0); |
692 | send_ping (dsi, 0); |
| 666 | } |
693 | } |
| 667 | } |
694 | } |
| 668 | else |
|
|
| 669 | vpn->connect_request (conf->id); |
|
|
| 670 | } |
695 | } |
| 671 | } |
696 | } |
| 672 | |
697 | |
| 673 | void |
698 | void |
| 674 | connection::reset_connection () |
699 | connection::reset_connection () |
| … | |
… | |
| 743 | if (!broadcast)//DDDD |
768 | if (!broadcast)//DDDD |
| 744 | queue.put (new tap_packet (*pkt)); |
769 | queue.put (new tap_packet (*pkt)); |
| 745 | |
770 | |
| 746 | establish_connection (); |
771 | establish_connection (); |
| 747 | } |
772 | } |
|
|
773 | } |
|
|
774 | |
|
|
775 | void connection::inject_vpn_packet (vpn_packet *pkt, int tos) |
|
|
776 | { |
|
|
777 | if (ictx && octx) |
|
|
778 | vpn->send_vpn_packet (pkt, si, tos); |
|
|
779 | else |
|
|
780 | establish_connection (); |
| 748 | } |
781 | } |
| 749 | |
782 | |
| 750 | void |
783 | void |
| 751 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
784 | connection::recv_vpn_packet (vpn_packet *pkt, const sockinfo &rsi) |
| 752 | { |
785 | { |
| … | |
… | |
| 1004 | protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); |
1037 | protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); |
| 1005 | p->si.upgrade_protocol (protocol, c->conf); |
1038 | p->si.upgrade_protocol (protocol, c->conf); |
| 1006 | |
1039 | |
| 1007 | slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)", |
1040 | slog (L_TRACE, "<<%d PT_CONNECT_INFO(%d,%s) (%d)", |
| 1008 | conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx); |
1041 | conf->id, p->id, (const char *)p->si, !c->ictx && !c->octx); |
| 1009 | //slog (L_ERR, "%d PROTOCL(C%x,T%x,0S%x,S%x,P%x,SP%x)", |
|
|
| 1010 | // p->id, c->conf->protocols, THISNODE->protocols, p->si.supported_protocols(0), p->si.supported_protocols (c->conf), |
|
|
| 1011 | // protocol, p->si.prot); |
|
|
| 1012 | |
1042 | |
|
|
1043 | const sockinfo &dsi = forward_si (p->si); |
|
|
1044 | |
|
|
1045 | if (dsi.valid ()) |
| 1013 | c->send_auth_request (p->si, true); |
1046 | c->send_auth_request (dsi, true); |
| 1014 | } |
1047 | } |
| 1015 | |
1048 | |
| 1016 | break; |
1049 | break; |
| 1017 | |
1050 | |
| 1018 | default: |
1051 | default: |
