ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/src/connection.C
(Generate patch)

Comparing gvpe/src/connection.C (file contents):
Revision 1.89 by root, Thu Dec 2 08:15:09 2010 UTC vs.
Revision 1.90 by root, Tue Feb 8 23:11:35 2011 UTC

64////////////////////////////////////////////////////////////////////////////// 64//////////////////////////////////////////////////////////////////////////////
65 65
66static std::queue< std::pair<run_script_cb *, const char *> > rs_queue; 66static std::queue< std::pair<run_script_cb *, const char *> > rs_queue;
67static ev::child rs_child_ev; 67static ev::child rs_child_ev;
68 68
69namespace
70{
69void // c++ requires external linkage here, apparently :( 71 void // c++ requires external linkage here, apparently :(
70rs_child_cb (ev::child &w, int revents) 72 rs_child_cb (ev::child &w, int revents)
71{ 73 {
72 w.stop (); 74 w.stop ();
73 75
74 if (rs_queue.empty ()) 76 if (rs_queue.empty ())
75 return; 77 return;
76 78
77 pid_t pid = run_script (*rs_queue.front ().first, false); 79 pid_t pid = run_script (*rs_queue.front ().first, false);
78 if (pid) 80 if (pid)
79 { 81 {
80 w.set (pid); 82 w.set (pid);
81 w.start (); 83 w.start ();
82 } 84 }
83 else 85 else
84 slog (L_WARN, rs_queue.front ().second); 86 slog (L_WARN, rs_queue.front ().second);
85 87
86 delete rs_queue.front ().first; 88 delete rs_queue.front ().first;
87 rs_queue.pop (); 89 rs_queue.pop ();
88} 90 }
91};
89 92
90// despite the fancy name, this is quite a hack 93// despite the fancy name, this is quite a hack
91static void 94static void
92run_script_queued (run_script_cb *cb, const char *warnmsg) 95run_script_queued (run_script_cb *cb, const char *warnmsg)
93{ 96{
191 cleaner.set (RSA_TTL, RSA_TTL); 194 cleaner.set (RSA_TTL, RSA_TTL);
192 } 195 }
193 196
194} rsa_cache; 197} rsa_cache;
195 198
199void
196void rsa_cache::cleaner_cb (ev::timer &w, int revents) 200rsa_cache::cleaner_cb (ev::timer &w, int revents)
197{ 201{
198 if (empty ()) 202 if (empty ())
199 w.stop (); 203 w.stop ();
200 else 204 else
201 { 205 {
226 delete p; 230 delete p;
227 231
228 delete [] queue; 232 delete [] queue;
229} 233}
230 234
235void
231void pkt_queue::expire_cb (ev::timer &w, int revents) 236pkt_queue::expire_cb (ev::timer &w, int revents)
232{ 237{
233 ev_tstamp expire = ev_now () - max_ttl; 238 ev_tstamp expire = ev_now () - max_ttl;
234 239
235 for (;;) 240 for (;;)
236 { 241 {
247 252
248 delete get (); 253 delete get ();
249 } 254 }
250} 255}
251 256
257void
252void pkt_queue::put (net_packet *p) 258pkt_queue::put (net_packet *p)
253{ 259{
254 ev_tstamp now = ev_now (); 260 ev_tstamp now = ev_now ();
255 261
256 // start expiry timer 262 // start expiry timer
257 if (empty ()) 263 if (empty ())
266 queue[i].tstamp = now; 272 queue[i].tstamp = now;
267 273
268 i = ni; 274 i = ni;
269} 275}
270 276
271net_packet *pkt_queue::get () 277net_packet *
278pkt_queue::get ()
272{ 279{
273 if (empty ()) 280 if (empty ())
274 return 0; 281 return 0;
275 282
276 net_packet *p = queue[j].pkt; 283 net_packet *p = queue[j].pkt;
300 307
301 bool can (const sockinfo &si) { return can((u32)si.host); } 308 bool can (const sockinfo &si) { return can((u32)si.host); }
302 bool can (u32 host); 309 bool can (u32 host);
303}; 310};
304 311
305net_rate_limiter auth_rate_limiter, reset_rate_limiter; 312static net_rate_limiter auth_rate_limiter, reset_rate_limiter;
306 313
314bool
307bool net_rate_limiter::can (u32 host) 315net_rate_limiter::can (u32 host)
308{ 316{
309 iterator i; 317 iterator i;
310 318
311 for (i = begin (); i != end (); ) 319 for (i = begin (); i != end (); )
312 if (i->host == host) 320 if (i->host == host)
359 367
360///////////////////////////////////////////////////////////////////////////// 368/////////////////////////////////////////////////////////////////////////////
361 369
362unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE]; 370unsigned char hmac_packet::hmac_digest[EVP_MAX_MD_SIZE];
363 371
372void
364void hmac_packet::hmac_gen (crypto_ctx *ctx) 373hmac_packet::hmac_gen (crypto_ctx *ctx)
365{ 374{
366 unsigned int xlen; 375 unsigned int xlen;
367 376
368 HMAC_CTX *hctx = &ctx->hctx; 377 HMAC_CTX *hctx = &ctx->hctx;
369 378
387 hmac_gen (ctx); 396 hmac_gen (ctx);
388 397
389 return !memcmp (hmac, hmac_digest, HMACLENGTH); 398 return !memcmp (hmac, hmac_digest, HMACLENGTH);
390} 399}
391 400
401void
392void vpn_packet::set_hdr (ptype type_, unsigned int dst) 402vpn_packet::set_hdr (ptype type_, unsigned int dst)
393{ 403{
394 type = type_; 404 type = type_;
395 405
396 int src = THISNODE->id; 406 int src = THISNODE->id;
397 407
402 412
403#define MAXVPNDATA (MAX_MTU - 6 - 6) 413#define MAXVPNDATA (MAX_MTU - 6 - 6)
404#define DATAHDR (sizeof (u32) + RAND_SIZE) 414#define DATAHDR (sizeof (u32) + RAND_SIZE)
405 415
406struct vpndata_packet : vpn_packet 416struct vpndata_packet : vpn_packet
417{
418 u8 data[MAXVPNDATA + DATAHDR]; // seqno
419
420 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
421 tap_packet *unpack (connection *conn, u32 &seqno);
422
423private:
424 const u32 data_hdr_size () const
407 { 425 {
408 u8 data[MAXVPNDATA + DATAHDR]; // seqno
409
410 void setup (connection *conn, int dst, u8 *d, u32 len, u32 seqno);
411 tap_packet *unpack (connection *conn, u32 &seqno);
412private:
413
414 const u32 data_hdr_size () const
415 {
416 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR; 426 return sizeof (vpndata_packet) - sizeof (net_packet) - MAXVPNDATA - DATAHDR;
417 }
418 }; 427 }
428};
419 429
420void 430void
421vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno) 431vpndata_packet::setup (connection *conn, int dst, u8 *d, u32 l, u32 seqno)
422{ 432{
423 EVP_CIPHER_CTX *cctx = &conn->octx->cctx; 433 EVP_CIPHER_CTX *cctx = &conn->octx->cctx;
562#endif 572#endif
563 return f; 573 return f;
564 } 574 }
565}; 575};
566 576
577void
567void config_packet::setup (ptype type, int dst) 578config_packet::setup (ptype type, int dst)
568{ 579{
569 prot_major = PROTOCOL_MAJOR; 580 prot_major = PROTOCOL_MAJOR;
570 prot_minor = PROTOCOL_MINOR; 581 prot_minor = PROTOCOL_MINOR;
571 randsize = RAND_SIZE; 582 randsize = RAND_SIZE;
572 hmaclen = HMACLENGTH; 583 hmaclen = HMACLENGTH;
580 591
581 len = sizeof (*this) - sizeof (net_packet); 592 len = sizeof (*this) - sizeof (net_packet);
582 set_hdr (type, dst); 593 set_hdr (type, dst);
583} 594}
584 595
596bool
585bool config_packet::chk_config () const 597config_packet::chk_config () const
586{ 598{
587 if (prot_major != PROTOCOL_MAJOR) 599 if (prot_major != PROTOCOL_MAJOR)
588 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR); 600 slog (L_WARN, _("major version mismatch (remote %d <=> local %d)"), prot_major, PROTOCOL_MAJOR);
589 else if (randsize != RAND_SIZE) 601 else if (randsize != RAND_SIZE)
590 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE); 602 slog (L_WARN, _("rand size mismatch (remote %d <=> local %d)"), randsize, RAND_SIZE);
984 data_queue.put (new tap_packet (*pkt)); 996 data_queue.put (new tap_packet (*pkt));
985 post_inject_queue (); 997 post_inject_queue ();
986 } 998 }
987} 999}
988 1000
1001void
989void connection::inject_vpn_packet (vpn_packet *pkt, int tos) 1002connection::inject_vpn_packet (vpn_packet *pkt, int tos)
990{ 1003{
991 if (ictx && octx) 1004 if (ictx && octx)
992 send_vpn_packet (pkt, si, tos); 1005 send_vpn_packet (pkt, si, tos);
993 else 1006 else
994 { 1007 {
1342 w.start (last_activity + ::conf.keepalive + 10 - ev::now ()); 1355 w.start (last_activity + ::conf.keepalive + 10 - ev::now ());
1343 else 1356 else
1344 reset_connection (); 1357 reset_connection ();
1345} 1358}
1346 1359
1360void
1347void connection::send_connect_request (int id) 1361connection::send_connect_request (int id)
1348{ 1362{
1349 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); 1363 connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols);
1350 1364
1351 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s)", 1365 slog (L_TRACE, "%s << PT_CONNECT_REQ(%s)",
1352 conf->nodename, vpn->conns[id - 1]->conf->nodename); 1366 conf->nodename, vpn->conns[id - 1]->conf->nodename);
1354 send_vpn_packet (p, si); 1368 send_vpn_packet (p, si);
1355 1369
1356 delete p; 1370 delete p;
1357} 1371}
1358 1372
1373void
1359void connection::script_init_env (const char *ext) 1374connection::script_init_env (const char *ext)
1360{ 1375{
1361 char *env; 1376 char *env;
1362 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env); 1377 asprintf (&env, "IFUPDATA%s=%s", ext, conf->if_up_data); putenv (env);
1363 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env); 1378 asprintf (&env, "NODENAME%s=%s", ext, conf->nodename); putenv (env);
1364 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext, 1379 asprintf (&env, "MAC%s=%02x:%02x:%02x:%02x:%02x:%02x", ext,
1365 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8, 1380 0xfe, 0xfd, 0x80, 0x00, conf->id >> 8,
1366 conf->id & 0xff); putenv (env); 1381 conf->id & 0xff); putenv (env);
1367} 1382}
1368 1383
1384void
1369void connection::script_init_connect_env () 1385connection::script_init_connect_env ()
1370{ 1386{
1371 vpn->script_init_env (); 1387 vpn->script_init_env ();
1372 1388
1373 char *env; 1389 char *env;
1374 asprintf (&env, "DESTID=%d", conf->id); putenv (env); 1390 asprintf (&env, "DESTID=%d", conf->id); putenv (env);
1456connection::~connection () 1472connection::~connection ()
1457{ 1473{
1458 shutdown (); 1474 shutdown ();
1459} 1475}
1460 1476
1477void
1461void connection_init () 1478connection_init ()
1462{ 1479{
1463 auth_rate_limiter.clear (); 1480 auth_rate_limiter.clear ();
1464 reset_rate_limiter.clear (); 1481 reset_rate_limiter.clear ();
1465} 1482}
1466 1483

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines