[ViewVC] Diff of: cvs/gvpe/src/vpn.C

Comparing gvpe/src/vpn.C (file contents):
Revision 1.54 by pcg, Mon Mar 23 15:22:00 2009 UTC vs.
Revision 1.62 by root, Sat Dec 17 22:05:34 2011 UTC

 /*
     vpn.C -- handle the protocol, encryption, handshaking etc.
-    Copyright (C) 2003-2008 Marc Lehmann <gvpe@schmorp.de>
+    Copyright (C) 2003-2008,2010,2011 Marc Lehmann <gvpe@schmorp.de>
     This file is part of GVPE.
     GVPE is free software; you can redistribute it and/or modify it
     under the terms of the GNU General Public License as published by the
   fcntl (fd, F_SETFL, O_NONBLOCK);
   fcntl (fd, F_SETFD, FD_CLOEXEC);
 #ifdef SO_MARK
   if (::conf.nfmark)
-    setsockopt (ipv4_fd, SOL_SOCKET, SO_MARK, &::conf.nfmark, sizeof ::conf.nfmark);
+    if (setsockopt (fd, SOL_SOCKET, SO_MARK, &::conf.nfmark, sizeof ::conf.nfmark))
+      slog (L_WARN, _("unable to set nfmark on %s socket: %s"), strprotocol (prot), strerror (errno));
 #endif
   return fd;
 }
 int
 vpn::setup ()
 {
   int success = 0;
+#if 1//D2
-  ipv4_tos = -1;
+  ipv42_tos = -1;
-  ipv4_fd  = -1;
+  ipv42_fd  = -1;
-  if (THISNODE->protocols & PROT_IPv4 && ::conf.ip_proto)
+  if (THISNODE->protocols & PROT_IPv42 && ::conf.ip_proto)
     {
-      ipv4_fd = setup_socket (PROT_IPv4, PF_INET, SOCK_RAW, ::conf.ip_proto);
+      ipv42_fd = setup_socket (PROT_IPv42, PF_INET, SOCK_RAW, ::conf.ip2_proto);
-      if (ipv4_fd < 0)
+      if (ipv42_fd < 0)
         return -1;
 #if defined(SOL_IP) && defined(IP_MTU_DISCOVER)
       // this I really consider a linux bug. I am neither connected
       // nor do I fragment myself. Linux still sets DF and doesn't
       // fragment for me sometimes.
       {
         int oval = IP_PMTUDISC_DONT;
-        setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval);
+        setsockopt (ipv42_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval);
       }
 #endif
-      sockinfo si (THISNODE, PROT_IPv4);
+      sockinfo si (THISNODE, PROT_IPv42);
-      if (bind (ipv4_fd, si.sav4 (), si.salenv4 ()))
+      if (bind (ipv42_fd, si.sav4 (), si.salenv4 ()))
         {
-          slog (L_ERR, _("can't bind ipv4 socket on %s: %s, exiting."), (const char *)si, strerror (errno));
+          slog (L_ERR, _("can't bind ipv42 socket on %s: %s, exiting."), (const char *)si, strerror (errno));
           return -1;
         }
-      ipv4_ev_watcher.start (ipv4_fd, EV_READ);
+      ipv42_ev_watcher.start (ipv42_fd, EV_READ);
       ++success;
     }
   else
-    THISNODE->protocols &= ~PROT_IPv4;
+    THISNODE->protocols &= ~PROT_IPv42;
+#endif
-  udpv4_tos = -1;
+  ipv4_tos = -1;
-  udpv4_fd  = -1;
+  ipv4_fd  = -1;
-  if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port)
+  if (THISNODE->protocols & PROT_IPv4 && ::conf.ip_proto)
     {
-      udpv4_fd = setup_socket (PROT_UDPv4, PF_INET, SOCK_DGRAM, IPPROTO_UDP);
+      ipv4_fd = setup_socket (PROT_IPv4, PF_INET, SOCK_RAW, ::conf.ip_proto);
-      if (udpv4_fd < 0)
+      if (ipv4_fd < 0)
         return -1;
-      // standard daemon practise...
-      {
-        int oval = 1;
-        setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval);
-      }
 #if defined(SOL_IP) && defined(IP_MTU_DISCOVER)
       // this I really consider a linux bug. I am neither connected
       // nor do I fragment myself. Linux still sets DF and doesn't
       // fragment for me sometimes.
       {
         int oval = IP_PMTUDISC_DONT;
+        setsockopt (ipv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval);
+      }
+#endif
+      sockinfo si (THISNODE, PROT_IPv4);
+      if (bind (ipv4_fd, si.sav4 (), si.salenv4 ()))
+        {
+          slog (L_ERR, _("can't bind ipv4 socket on %s: %s, exiting."), (const char *)si, strerror (errno));
+          return -1;
+        }
+      ipv4_ev_watcher.start (ipv4_fd, EV_READ);
+      ++success;
+    }
+  else
+    THISNODE->protocols &= ~PROT_IPv4;
+  udpv4_tos = -1;
+  udpv4_fd  = -1;
+  if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port)
+    {
+      udpv4_fd = setup_socket (PROT_UDPv4, PF_INET, SOCK_DGRAM, IPPROTO_UDP);
+      if (udpv4_fd < 0)
+        return -1;
+      // standard daemon practise...
+      {
+        int oval = 1;
+        setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval);
+      }
+#if defined(SOL_IP) && defined(IP_MTU_DISCOVER)
+      // this I really consider a linux bug. I am neither connected
+      // nor do I fragment myself. Linux still sets DF and doesn't
+      // fragment for me sometimes.
+      {
+        int oval = IP_PMTUDISC_DONT;
         setsockopt (udpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval);
       }
 #endif
       sockinfo si (THISNODE, PROT_UDPv4);
   set_tos (ipv4_fd, ipv4_tos, tos);
   sendto (ipv4_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ());
   return true;
 }
+#if 1 //D
+bool
+vpn::send_ipv42_packet (vpn_packet *pkt, const sockinfo &si, int tos)
+{
+  set_tos (ipv42_fd, ipv42_tos, tos);
+  sendto (ipv42_fd, &((*pkt)[0]), pkt->len, 0, si.sav4 (), si.salenv4 ());
+  return true;
+}
+#endif
 static u16
 ipv4_checksum (u16 *data, unsigned int len)
 {
   // use 32 bit accumulator and fold back carry bits at the end
         (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst (), pkt->len);
   if (src == 0 || src > conns.size ()
       || dst > conns.size ()
       || pkt->typ () >= vpn_packet::PT_MAX)
-    slog (L_WARN, _("(%s): received corrupted packet type %d (src %d, dst %d)."),
-          (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst ());
-  else if (dst > conns.size ())
     slog (L_WARN, _("(%s): received corrupted packet type %d (src %d, dst %d)."),
           (const char *)rsi, pkt->typ (), pkt->src (), pkt->dst ());
   else
     {
       connection *c = conns[src - 1];
 bool
 vpn::send_vpn_packet (vpn_packet *pkt, const sockinfo &si, int tos)
 {
   switch (si.prot)
     {
+#if 1//D2
+      case PROT_IPv42:
+        return send_ipv42_packet (pkt, si, tos);
+#endif
       case PROT_IPv4:
         return send_ipv4_packet (pkt, si, tos);
       case PROT_UDPv4:
         return send_udpv4_packet (pkt, si, tos);
 #if ENABLE_TCP
       case PROT_TCPv4:
         return send_tcpv4_packet (pkt, si, tos);
 #endif
 #if ENABLE_ICMP
       case PROT_ICMPv4:
     }
   return false;
 }
+#if 1//D2
 inline void
-vpn::ipv4_ev (ev::io &w, int revents)
+vpn::ipv42_ev (ev::io &w, int revents)
 {
   if (revents & EV_READ)
     {
       vpn_packet *pkt = new vpn_packet;
       struct sockaddr_in sa;
       socklen_t sa_len = sizeof (sa);
       int len;
       len = recvfrom (w.fd, &((*pkt)[0]), MAXSIZE, 0, (sockaddr *)&sa, &sa_len);
+      sockinfo si(sa, PROT_IPv42);
+      if (len > 0)
+        {
+          pkt->len = len;
+          // raw sockets deliver the ipv4 header, but don't expect it on sends
+          pkt->skip_hdr (pkt->ipv4_hdr_len ());
+          recv_vpn_packet (pkt, si);
+        }
+      else
+        {
+          // probably ECONNRESET or somesuch
+          slog (L_DEBUG, _("%s: %s."), (const char *)si, strerror (errno));
+        }
+      delete pkt;
+    }
+  else
+    {
+      slog (L_ERR,
+            _("FATAL: unknown revents %08x in socket, exiting.\n"),
+            revents);
+      exit (EXIT_FAILURE);
+    }
+}
+#endif
+inline void
+vpn::ipv4_ev (ev::io &w, int revents)
+{
+  if (revents & EV_READ)
+    {
+      vpn_packet *pkt = new vpn_packet;
+      struct sockaddr_in sa;
+      socklen_t sa_len = sizeof (sa);
+      int len;
+      len = recvfrom (w.fd, &((*pkt)[0]), MAXSIZE, 0, (sockaddr *)&sa, &sa_len);
       sockinfo si(sa, PROT_IPv4);
       if (len > 0)
         {
           pkt->len = len;
           // raw sockets deliver the ipv4 header, but don't expect it on sends
-          pkt->skip_hdr (IP_OVERHEAD);
+          pkt->skip_hdr (pkt->ipv4_hdr_len ());
           recv_vpn_packet (pkt, si);
         }
       else
         {
           if (hdr->type == ::conf.icmp_type
               && hdr->code == 255)
             {
               // raw sockets deliver the ipv4, but don't expect it on sends
               // this is slow, but...
-              pkt->skip_hdr (ICMP_OVERHEAD);
+              pkt->skip_hdr (pkt->ipv4_hdr_len () + (ICMP_OVERHEAD - IP_OVERHEAD));
               recv_vpn_packet (pkt, si);
             }
         }
       else
   for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c)
     (*c)->establish_connection ();
 }
+bool
-bool vpn::can_direct (conf_node *src, conf_node *dst) const
+vpn::can_direct (conf_node *src, conf_node *dst) const
 {
   return src != dst
       && src->may_direct (dst)
       && dst->may_direct (src)
       && (((src->protocols & dst->protocols) && src->connectmode == conf_node::C_ALWAYS)
           || (src->protocols & dst->connectable_protocols ()));
 }
 // only works for indirect and routed connections: find a router
 // from THISNODE to dst
+connection *
-connection *vpn::find_router_for (const connection *dst)
+vpn::find_router_for (const connection *dst)
 {
   connection *router = 0;
   // first try to find a router with a direct connection, route there
   // regardless of any other considerations.
   }
   return router;
 }
+void
-void vpn::connection_established (connection *c)
+vpn::connection_established (connection *c)
 {
   for (conns_vector::iterator i = conns.begin (); i != conns.end (); ++i)
     {
       connection *o = *i;
           o->rekey ();
         }
     }
 }
+void
-void vpn::send_connect_request (connection *c)
+vpn::send_connect_request (connection *c)
 {
   connection *r = find_router_for (c);
   if (r)
     {
 vpn::vpn (void)
 {
   event            .set<vpn, &vpn::event_cb > (this);
   udpv4_ev_watcher .set<vpn, &vpn::udpv4_ev > (this);
   ipv4_ev_watcher  .set<vpn, &vpn::ipv4_ev  > (this);
+#if 1//D2
+  ipv42_ev_watcher .set<vpn, &vpn::ipv42_ev > (this);
+#endif
 #if ENABLE_TCP
   tcpv4_ev_watcher .set<vpn, &vpn::tcpv4_ev > (this);
 #endif
 #if ENABLE_ICMP
   icmpv4_ev_watcher.set<vpn, &vpn::icmpv4_ev> (this);

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing gvpe/src/vpn.C (file contents): Revision 1.54 by pcg, Mon Mar 23 15:22:00 2009 UTC vs. Revision 1.62 by root, Sat Dec 17 22:05:34 2011 UTC

Diff Legend

Comparing gvpe/src/vpn.C (file contents):
Revision 1.54 by pcg, Mon Mar 23 15:22:00 2009 UTC vs.
Revision 1.62 by root, Sat Dec 17 22:05:34 2011 UTC