1 | /* |
1 | /* |
2 | connection.C -- manage a single connection |
2 | connection.C -- manage a single connection |
3 | Copyright (C) 2003-2008,2010 Marc Lehmann <gvpe@schmorp.de> |
3 | Copyright (C) 2003-2008,2010,2011 Marc Lehmann <gvpe@schmorp.de> |
4 | |
4 | |
5 | This file is part of GVPE. |
5 | This file is part of GVPE. |
6 | |
6 | |
7 | GVPE is free software; you can redistribute it and/or modify it |
7 | GVPE is free software; you can redistribute it and/or modify it |
8 | under the terms of the GNU General Public License as published by the |
8 | under the terms of the GNU General Public License as published by the |
… | |
… | |
831 | } |
831 | } |
832 | |
832 | |
833 | void |
833 | void |
834 | connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols) |
834 | connection::send_connect_info (int rid, const sockinfo &rsi, u8 rprotocols) |
835 | { |
835 | { |
836 | slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s)", conf->nodename, |
836 | slog (L_TRACE, "%s << PT_CONNECT_INFO(%s,%s,p%02x)", conf->nodename, |
837 | vpn->conns[rid - 1]->conf->nodename, (const char *)rsi); |
837 | vpn->conns[rid - 1]->conf->nodename, (const char *)rsi, |
|
|
838 | conf->protocols); |
838 | |
839 | |
839 | connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); |
840 | connect_info_packet *r = new connect_info_packet (conf->id, rid, rsi, rprotocols); |
840 | |
841 | |
841 | r->hmac_set (octx); |
842 | r->hmac_set (octx); |
842 | send_vpn_packet (r, si); |
843 | send_vpn_packet (r, si); |
… | |
… | |
1067 | break; |
1068 | break; |
1068 | |
1069 | |
1069 | case vpn_packet::PT_AUTH_REQ: |
1070 | case vpn_packet::PT_AUTH_REQ: |
1070 | if (auth_rate_limiter.can (rsi)) |
1071 | if (auth_rate_limiter.can (rsi)) |
1071 | { |
1072 | { |
1072 | auth_req_packet *p = (auth_req_packet *) pkt; |
1073 | auth_req_packet *p = (auth_req_packet *)pkt; |
1073 | |
1074 | |
1074 | slog (L_TRACE, "%s >> PT_AUTH_REQ(%s)", conf->nodename, p->initiate ? "initiate" : "reply"); |
1075 | slog (L_TRACE, "%s >> PT_AUTH_REQ(%s,p%02x,f%02x)", |
|
|
1076 | conf->nodename, p->initiate ? "initiate" : "reply", |
|
|
1077 | p->protocols, p->features); |
1075 | |
1078 | |
1076 | if (p->chk_config () |
1079 | if (p->chk_config () |
1077 | && (!strncmp (p->magic, MAGIC_OLD, 8) || !strncmp (p->magic, MAGIC, 8))) |
1080 | && (!memcmp (p->magic, MAGIC_OLD, 8) || !memcmp (p->magic, MAGIC, 8))) |
1078 | { |
1081 | { |
1079 | if (p->prot_minor != PROTOCOL_MINOR) |
1082 | if (p->prot_minor != PROTOCOL_MINOR) |
1080 | slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."), |
1083 | slog (L_INFO, _("%s(%s): protocol minor version mismatch: ours is %d, %s's is %d."), |
1081 | conf->nodename, (const char *)rsi, |
1084 | conf->nodename, (const char *)rsi, |
1082 | PROTOCOL_MINOR, conf->nodename, p->prot_minor); |
1085 | PROTOCOL_MINOR, conf->nodename, p->prot_minor); |
… | |
… | |
1274 | if (p->id > 0 && p->id <= vpn->conns.size ()) |
1277 | if (p->id > 0 && p->id <= vpn->conns.size ()) |
1275 | { |
1278 | { |
1276 | connection *c = vpn->conns[p->id - 1]; |
1279 | connection *c = vpn->conns[p->id - 1]; |
1277 | conf->protocols = p->protocols; |
1280 | conf->protocols = p->protocols; |
1278 | |
1281 | |
1279 | slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s) [%d]", |
1282 | slog (L_TRACE, "%s >> PT_CONNECT_REQ(%s,p%02x) [%d]", |
1280 | conf->nodename, vpn->conns[p->id - 1]->conf->nodename, c->ictx && c->octx); |
1283 | conf->nodename, vpn->conns[p->id - 1]->conf->nodename, |
|
|
1284 | p->protocols, |
|
|
1285 | c->ictx && c->octx); |
1281 | |
1286 | |
1282 | if (c->ictx && c->octx) |
1287 | if (c->ictx && c->octx) |
1283 | { |
1288 | { |
1284 | // send connect_info packets to both sides, in case one is |
1289 | // send connect_info packets to both sides, in case one is |
1285 | // behind a nat firewall (or both ;) |
1290 | // behind a nat firewall (or both ;) |
… | |
… | |
1308 | |
1313 | |
1309 | c->conf->protocols = p->protocols; |
1314 | c->conf->protocols = p->protocols; |
1310 | protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); |
1315 | protocol = best_protocol (c->conf->protocols & THISNODE->protocols & p->si.supported_protocols (c->conf)); |
1311 | p->si.upgrade_protocol (protocol, c->conf); |
1316 | p->si.upgrade_protocol (protocol, c->conf); |
1312 | |
1317 | |
1313 | slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s) [%d]", |
1318 | slog (L_TRACE, "%s >> PT_CONNECT_INFO(%s,%s,p%02x) [%d]", |
|
|
1319 | conf->nodename, |
1314 | conf->nodename, vpn->conns[p->id - 1]->conf->nodename, |
1320 | vpn->conns[p->id - 1]->conf->nodename, |
|
|
1321 | (const char *)p->si, |
|
|
1322 | p->protocols, |
1315 | (const char *)p->si, !c->ictx && !c->octx); |
1323 | !c->ictx && !c->octx); |
1316 | |
1324 | |
1317 | const sockinfo &dsi = forward_si (p->si); |
1325 | const sockinfo &dsi = forward_si (p->si); |
1318 | |
1326 | |
1319 | if (dsi.valid ()) |
1327 | if (dsi.valid ()) |
1320 | c->send_auth_request (dsi, true); |
1328 | c->send_auth_request (dsi, true); |
… | |
… | |
1358 | } |
1366 | } |
1359 | |
1367 | |
1360 | void |
1368 | void |
1361 | connection::send_connect_request (int id) |
1369 | connection::send_connect_request (int id) |
1362 | { |
1370 | { |
1363 | connect_req_packet *p = new connect_req_packet (conf->id, id, conf->protocols); |
1371 | connect_req_packet *p = new connect_req_packet (conf->id, id, THISNODE->protocols); |
1364 | |
1372 | |
1365 | slog (L_TRACE, "%s << PT_CONNECT_REQ(%s)", |
1373 | slog (L_TRACE, "%s << PT_CONNECT_REQ(%s,p%02x)", |
1366 | conf->nodename, vpn->conns[id - 1]->conf->nodename); |
1374 | conf->nodename, vpn->conns[id - 1]->conf->nodename, |
|
|
1375 | THISNODE->protocols); |
1367 | p->hmac_set (octx); |
1376 | p->hmac_set (octx); |
1368 | send_vpn_packet (p, si); |
1377 | send_vpn_packet (p, si); |
1369 | |
1378 | |
1370 | delete p; |
1379 | delete p; |
1371 | } |
1380 | } |
… | |
… | |
1455 | establish_connection.set<connection, &connection::establish_connection_cb> (this); |
1464 | establish_connection.set<connection, &connection::establish_connection_cb> (this); |
1456 | |
1465 | |
1457 | last_establish_attempt = 0.; |
1466 | last_establish_attempt = 0.; |
1458 | octx = ictx = 0; |
1467 | octx = ictx = 0; |
1459 | |
1468 | |
1460 | if (!conf->protocols) // make sure some protocol is enabled |
|
|
1461 | conf->protocols = PROT_UDPv4; |
|
|
1462 | |
|
|
1463 | connectmode = conf->connectmode; |
1469 | connectmode = conf->connectmode; |
1464 | |
1470 | |
1465 | // queue a dummy packet to force an initial connection attempt |
1471 | // queue a dummy packet to force an initial connection attempt |
1466 | if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED) |
1472 | if (connectmode != conf_node::C_ALWAYS && connectmode != conf_node::C_DISABLED) |
1467 | vpn_queue.put (new net_packet); |
1473 | vpn_queue.put (new net_packet); |