… | |
… | |
559 | } |
559 | } |
560 | |
560 | |
561 | void |
561 | void |
562 | connection::establish_connection () |
562 | connection::establish_connection () |
563 | { |
563 | { |
564 | if (!ictx && conf != THISNODE && conf->connectmode != conf_node::C_NEVER) |
564 | if (!ictx && conf != THISNODE && connectmode != conf_node::C_NEVER) |
565 | { |
565 | { |
566 | if (now >= next_retry) |
566 | if (now >= next_retry) |
567 | { |
567 | { |
568 | int retry_int = retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2); |
568 | int retry_int = retry_cnt & 3 ? (retry_cnt & 3) : 1 << (retry_cnt >> 2); |
569 | |
569 | |
570 | if (retry_cnt < (17 << 2) | 3) |
570 | if (retry_cnt < (17 << 2) | 3) |
571 | retry_cnt++; |
571 | retry_cnt++; |
572 | |
572 | |
573 | if (conf->connectmode == conf_node::C_ONDEMAND |
573 | if (connectmode == conf_node::C_ONDEMAND |
574 | && retry_int > ::conf.keepalive) |
574 | && retry_int > ::conf.keepalive) |
575 | retry_int = ::conf.keepalive; |
575 | retry_int = ::conf.keepalive; |
576 | |
576 | |
577 | next_retry = now + retry_int; |
577 | next_retry = now + retry_int; |
578 | next_wakeup (next_retry); |
578 | next_wakeup (next_retry); |
… | |
… | |
692 | { |
692 | { |
693 | reset_connection (); |
693 | reset_connection (); |
694 | |
694 | |
695 | config_packet *p = (config_packet *) pkt; |
695 | config_packet *p = (config_packet *) pkt; |
696 | if (p->chk_config ()) |
696 | if (p->chk_config ()) |
697 | if (conf->connectmode == conf_node::C_ALWAYS) |
697 | if (connectmode == conf_node::C_ALWAYS) |
698 | establish_connection (); |
698 | establish_connection (); |
699 | |
699 | |
700 | //D slog the protocol mismatch? |
700 | //D slog the protocol mismatch? |
701 | } |
701 | } |
702 | break; |
702 | break; |
… | |
… | |
781 | while (tap_packet *p = queue.get ()) |
781 | while (tap_packet *p = queue.get ()) |
782 | { |
782 | { |
783 | send_data_packet (p); |
783 | send_data_packet (p); |
784 | delete p; |
784 | delete p; |
785 | } |
785 | } |
|
|
786 | |
|
|
787 | connectmode = conf->connectmode; |
786 | |
788 | |
787 | slog (L_INFO, _("connection to %d (%s %s) established"), |
789 | slog (L_INFO, _("connection to %d (%s %s) established"), |
788 | conf->id, conf->nodename, (const char *)sockinfo (ssa)); |
790 | conf->id, conf->nodename, (const char *)sockinfo (ssa)); |
789 | |
791 | |
790 | if (::conf.script_node_up) |
792 | if (::conf.script_node_up) |
… | |
… | |
889 | slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n", |
891 | slog (L_TRACE, "<<%d PT_CONNECT_REQ(%d) [%d]\n", |
890 | conf->id, p->id, c->ictx && c->octx); |
892 | conf->id, p->id, c->ictx && c->octx); |
891 | |
893 | |
892 | if (c->ictx && c->octx) |
894 | if (c->ictx && c->octx) |
893 | { |
895 | { |
|
|
896 | // send connect_info packets to both sides, in case one is |
|
|
897 | // behind a nat firewall (or both ;) |
|
|
898 | { |
894 | sockinfo si(sa); |
899 | sockinfo si(sa); |
895 | |
900 | |
896 | slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n", |
901 | slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n", |
897 | c->conf->id, p->id, (const char *)si); |
902 | c->conf->id, conf->id, (const char *)si); |
898 | |
903 | |
899 | connect_info_packet *r = new connect_info_packet (c->conf->id, conf->id, si); |
904 | connect_info_packet *r = new connect_info_packet (c->conf->id, conf->id, si); |
900 | |
905 | |
901 | r->hmac_set (c->octx); |
906 | r->hmac_set (c->octx); |
902 | vpn->send_vpn_packet (r, &c->sa); |
907 | vpn->send_vpn_packet (r, &c->sa); |
903 | |
908 | |
904 | delete r; |
909 | delete r; |
|
|
910 | } |
|
|
911 | |
|
|
912 | { |
|
|
913 | sockinfo si(c->sa); |
|
|
914 | |
|
|
915 | slog (L_TRACE, ">>%d PT_CONNECT_INFO(%d,%s)\n", |
|
|
916 | conf->id, c->conf->id, (const char *)si); |
|
|
917 | |
|
|
918 | connect_info_packet *r = new connect_info_packet (conf->id, c->conf->id, si); |
|
|
919 | |
|
|
920 | r->hmac_set (octx); |
|
|
921 | vpn->send_vpn_packet (r, &sa); |
|
|
922 | |
|
|
923 | delete r; |
|
|
924 | } |
905 | } |
925 | } |
906 | } |
926 | } |
907 | |
927 | |
908 | break; |
928 | break; |
909 | |
929 | |
… | |
… | |
931 | |
951 | |
932 | void connection::timer () |
952 | void connection::timer () |
933 | { |
953 | { |
934 | if (conf != THISNODE) |
954 | if (conf != THISNODE) |
935 | { |
955 | { |
936 | if (now >= next_retry && conf->connectmode == conf_node::C_ALWAYS) |
956 | if (now >= next_retry && connectmode == conf_node::C_ALWAYS) |
937 | establish_connection (); |
957 | establish_connection (); |
938 | |
958 | |
939 | if (ictx && octx) |
959 | if (ictx && octx) |
940 | { |
960 | { |
941 | if (now >= next_rekey) |
961 | if (now >= next_rekey) |
… | |
… | |
1103 | connection *conn = new connection (this); |
1123 | connection *conn = new connection (this); |
1104 | |
1124 | |
1105 | conn->conf = *i; |
1125 | conn->conf = *i; |
1106 | conns.push_back (conn); |
1126 | conns.push_back (conn); |
1107 | |
1127 | |
1108 | if (conn->conf->connectmode == conf_node::C_ALWAYS) |
|
|
1109 | conn->establish_connection (); |
1128 | conn->establish_connection (); |
1110 | } |
1129 | } |
1111 | } |
1130 | } |
1112 | |
1131 | |
1113 | connection *vpn::find_router () |
1132 | connection *vpn::find_router () |
1114 | { |
1133 | { |
… | |
… | |
1118 | for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
1137 | for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
1119 | { |
1138 | { |
1120 | connection *c = *i; |
1139 | connection *c = *i; |
1121 | |
1140 | |
1122 | if (c->conf->routerprio > prio |
1141 | if (c->conf->routerprio > prio |
1123 | && c->conf->connectmode == conf_node::C_ALWAYS |
1142 | && c->connectmode == conf_node::C_ALWAYS |
1124 | && c->conf != THISNODE |
1143 | && c->conf != THISNODE |
1125 | && c->ictx && c->octx) |
1144 | && c->ictx && c->octx) |
1126 | { |
1145 | { |
1127 | prio = c->conf->routerprio; |
1146 | prio = c->conf->routerprio; |
1128 | router = c; |
1147 | router = c; |
… | |
… | |
1136 | { |
1155 | { |
1137 | connection *c = find_router (); |
1156 | connection *c = find_router (); |
1138 | |
1157 | |
1139 | if (c) |
1158 | if (c) |
1140 | c->connect_request (id); |
1159 | c->connect_request (id); |
|
|
1160 | //else // does not work, because all others must connect to the same router |
|
|
1161 | // // no router found, aggressively connect to all routers |
|
|
1162 | // for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i) |
|
|
1163 | // if ((*i)->conf->routerprio) |
|
|
1164 | // (*i)->establish_connection (); |
1141 | } |
1165 | } |
1142 | |
1166 | |
1143 | void |
1167 | void |
1144 | vpn::main_loop () |
1168 | vpn::main_loop () |
1145 | { |
1169 | { |