| … | |
… | |
| 70 | #define MAX_SEND_INTERVAL 5. // optimistic? |
70 | #define MAX_SEND_INTERVAL 5. // optimistic? |
| 71 | |
71 | |
| 72 | #define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog |
72 | #define MAX_WINDOW 1000 // max. for MAX_OUTSTANDING, and backlog |
| 73 | #define MAX_BACKLOG (64*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE |
73 | #define MAX_BACKLOG (64*1024) // size of gvpe protocol backlog (bytes), must be > MAXSIZE |
| 74 | |
74 | |
| 75 | #define MAX_DOMAIN_SIZE 240 // 255 is legal limit, but bind doesn't compress well |
75 | #define MAX_DOMAIN_SIZE 235 // 255 is legal limit, but bind doesn't compress well |
| 76 | // 240 leaves about 4 bytes of server reply data |
76 | // 240 leaves about 4 bytes of server reply data |
| 77 | // every request byte less give room for two reply bytes |
77 | // every request byte less give room for two reply bytes |
| 78 | |
78 | |
| 79 | #define SEQNO_MASK 0x3fff |
79 | #define SEQNO_MASK 0x3fff |
| 80 | #define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) ) |
80 | #define SEQNO_EQ(a,b) ( 0 == ( ((a) ^ (b)) & SEQNO_MASK) ) |
| … | |
… | |
| 397 | return true; |
397 | return true; |
| 398 | } |
398 | } |
| 399 | |
399 | |
| 400 | vpn_packet *byte_stream::get () |
400 | vpn_packet *byte_stream::get () |
| 401 | { |
401 | { |
|
|
402 | if (fill < 2) |
|
|
403 | return 0; |
|
|
404 | |
| 402 | unsigned int len; |
405 | unsigned int len; |
| 403 | |
406 | |
| 404 | for (;;) |
407 | for (;;) |
| 405 | { |
408 | { |
| 406 | len = (data [0] << 8) | data [1]; |
409 | len = (data [0] << 8) | data [1]; |
| 407 | |
410 | |
| 408 | if (len <= MAXSIZE || fill < 2) |
411 | if (len <= MAXSIZE) |
| 409 | break; |
412 | break; |
| 410 | |
413 | |
| 411 | // TODO: handle this better than skipping, e.g. by reset |
414 | // TODO: handle this better than skipping, e.g. by reset |
| 412 | slog (L_DEBUG, _("DNS: corrupted packet stream skipping a byte...")); |
415 | slog (L_DEBUG, _("DNS: corrupted packet (%02x %02x) stream skipping a byte..."), data [0], data [1]); |
| 413 | remove (1); |
416 | remove (1); |
| 414 | } |
417 | } |
| 415 | |
418 | |
| 416 | if (fill < len + 2) |
419 | if (fill < len + 2) |
| 417 | return 0; |
420 | return 0; |
| … | |
… | |
| 590 | static |
593 | static |
| 591 | u16 next_id () |
594 | u16 next_id () |
| 592 | { |
595 | { |
| 593 | static u16 dns_id = 0; // TODO: should be per-vpn |
596 | static u16 dns_id = 0; // TODO: should be per-vpn |
| 594 | |
597 | |
|
|
598 | #if 1 |
| 595 | if (!dns_id) |
599 | if (!dns_id) |
| 596 | dns_id = time (0); |
600 | dns_id = time (0); |
| 597 | |
601 | |
| 598 | // the simplest lsfr with periodicity 65535 i could find |
602 | // the simplest lsfr with periodicity 65535 i could find |
| 599 | dns_id = (dns_id << 1) |
603 | dns_id = (dns_id << 1) |
| … | |
… | |
| 601 | ^ (dns_id >> 2) |
605 | ^ (dns_id >> 2) |
| 602 | ^ (dns_id >> 4) |
606 | ^ (dns_id >> 4) |
| 603 | ^ (dns_id >> 15)) & 1); |
607 | ^ (dns_id >> 15)) & 1); |
| 604 | |
608 | |
| 605 | return dns_id; |
609 | return dns_id; |
|
|
610 | #else |
|
|
611 | dns_id++;//D |
|
|
612 | |
|
|
613 | return htons (dns_id); |
|
|
614 | #endif |
| 606 | } |
615 | } |
| 607 | |
616 | |
| 608 | struct dns_rcv; |
617 | struct dns_rcv; |
| 609 | struct dns_snd; |
618 | struct dns_snd; |
| 610 | |
619 | |
