/*
net_packet.c -- Handles in- and outgoing VPN packets
Copyright (C) 1998-2005 Ivo Timmermans,
- 2000-2009 Guus Sliepen <guus@tinc-vpn.org>
+ 2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+ 2010 Timothy Redaelli <timothy@redaelli.eu>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "system.h"
+#include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <openssl/hmac.h>
+
+#ifdef HAVE_ZLIB
#include <zlib.h>
+#endif
+
+#ifdef HAVE_LZO
#include LZO1X_H
+#endif
#include "splay_tree.h"
#include "cipher.h"
int keylifetime = 0;
int keyexpires = 0;
+#ifdef HAVE_LZO
static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999_MEM_COMPRESS : LZO1X_1_MEM_COMPRESS];
+#endif
static void send_udppacket(node_t *, vpn_packet_t *);
}
static length_t compress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
- if(level == 10) {
+ if(level == 0) {
+ memcpy(dest, source, len);
+ return len;
+ } else if(level == 10) {
+#ifdef HAVE_LZO
lzo_uint lzolen = MAXSIZE;
lzo1x_1_compress(source, len, dest, &lzolen, lzo_wrkmem);
return lzolen;
+#else
+ return -1;
+#endif
} else if(level < 10) {
+#ifdef HAVE_ZLIB
unsigned long destlen = MAXSIZE;
if(compress2(dest, &destlen, source, len, level) == Z_OK)
return destlen;
else
+#endif
return -1;
} else {
+#ifdef HAVE_LZO
lzo_uint lzolen = MAXSIZE;
lzo1x_999_compress(source, len, dest, &lzolen, lzo_wrkmem);
return lzolen;
+#else
+ return -1;
+#endif
}
return -1;
}
static length_t uncompress_packet(uint8_t *dest, const uint8_t *source, length_t len, int level) {
- if(level > 9) {
+ if(level == 0) {
+ memcpy(dest, source, len);
+ return len;
+ } else if(level > 9) {
+#ifdef HAVE_LZO
lzo_uint lzolen = MAXSIZE;
if(lzo1x_decompress_safe(source, len, dest, &lzolen, NULL) == LZO_E_OK)
return lzolen;
else
+#endif
return -1;
- } else {
+ }
+#ifdef HAVE_ZLIB
+ else {
unsigned long destlen = MAXSIZE;
if(uncompress(dest, &destlen, source, len) == Z_OK)
return destlen;
else
return -1;
}
-
+#endif
+
return -1;
}
vpn_packet_t *outpkt;
int origlen;
size_t outlen;
+#if defined(SOL_IP) && defined(IP_TOS)
static int priority = 0;
+#endif
int origpriority;
int sock;
/* Make sure we have a valid key */
if(!n->status.validkey) {
+ time_t now = time(NULL);
+
ifdebug(TRAFFIC) logger(LOG_INFO,
"No valid key known yet for %s (%s), forwarding via TCP",
n->name, n->hostname);
- if(!n->status.waitingforkey)
+ if(n->last_req_key + 10 < now) {
send_req_key(n);
-
- n->status.waitingforkey = true;
+ n->last_req_key = now;
+ }
send_tcppacket(n->nexthop->connection, origpkt);
for(node = node_tree->head; node; node = node->next) {
n = node->data;
- if(n == myself || !digest_active(&n->indigest))
+ if(n == myself || !n->status.reachable || !digest_active(&n->indigest))
continue;
if(try_mac(n, pkt)) {
sockaddr_t from;
socklen_t fromlen = sizeof from;
node_t *n;
+ int len;
- pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
+ len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
- if(pkt.len < 0) {
+ if(len <= 0 || len > MAXSIZE) {
if(!sockwouldblock(sockerrno))
logger(LOG_ERR, "Receiving packet failed: %s", sockstrerror(sockerrno));
return;
}
+ pkt.len = len;
+
sockaddrunmap(&from); /* Some braindead IPv6 implementations do stupid things. */
n = lookup_node_udp(&from);