X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_packet.c;h=a985390ca905ddbe70e737e94c97510b0208c1e1;hb=6834b882015a9323672e9fce8811aa4283f196f0;hp=46d4e1a0df5314f22d767f038d9e39cb02e3f126;hpb=ffa1dc73dcd62a856325641972a13d398aa8121c;p=tinc

diff --git a/src/net_packet.c b/src/net_packet.c
index 46d4e1a0..a985390c 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -2,6 +2,8 @@
     net_packet.c -- Handles in- and outgoing VPN packets
     Copyright (C) 1998-2005 Ivo Timmermans,
                   2000-2010 Guus Sliepen <guus@tinc-vpn.org>
+                  2010      Timothy Redaelli <timothy@redaelli.eu>
+                  2010      Brandon Black <blblack@gmail.com>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -61,6 +63,8 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999
 
 static void send_udppacket(node_t *, vpn_packet_t *);
 
+unsigned replaywin = 16;
+
 #define MAX_SEQNO 1073741824
 
 // mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
@@ -68,7 +72,7 @@ static void send_udppacket(node_t *, vpn_packet_t *);
 // mtuprobes ==    32: send 1 burst, sleep pingtimeout second
 // mtuprobes ==    33: no response from other side, restart PMTU discovery process
 
-static void send_mtu_probe_handler(int fd, short events, void *data) {
+static void send_mtu_probe_handler(void *data) {
 	node_t *n = data;
 	vpn_packet_t packet;
 	int len, i;
@@ -132,13 +136,15 @@ static void send_mtu_probe_handler(int fd, short events, void *data) {
 	}
 
 end:
-	event_add(&n->mtuevent, &(struct timeval){timeout, 0});
+	n->mtuevent.time = time(NULL) + timeout;
+	event_add(&n->mtuevent);
 }
 
 void send_mtu_probe(node_t *n) {
-	if(!timeout_initialized(&n->mtuevent))
-		timeout_set(&n->mtuevent, send_mtu_probe_handler, n);
-	send_mtu_probe_handler(0, 0, n);
+	event_del(&n->mtuevent);
+	n->mtuevent.handler = send_mtu_probe_handler;
+	n->mtuevent.data = n;
+	send_mtu_probe_handler(n);
 }
 
 void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
@@ -283,25 +289,32 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
 	inpkt->len -= sizeof inpkt->seqno;
 	inpkt->seqno = ntohl(inpkt->seqno);
 
-	if(inpkt->seqno != n->received_seqno + 1) {
-		if(inpkt->seqno >= n->received_seqno + sizeof n->late * 8) {
-			logger(LOG_WARNING, "Lost %d packets from %s (%s)",
-					   inpkt->seqno - n->received_seqno - 1, n->name, n->hostname);
-			
-			memset(n->late, 0, sizeof n->late);
-		} else if (inpkt->seqno <= n->received_seqno) {
-			if((n->received_seqno >= sizeof n->late * 8 && inpkt->seqno <= n->received_seqno - sizeof n->late * 8) || !(n->late[(inpkt->seqno / 8) % sizeof n->late] & (1 << inpkt->seqno % 8))) {
-				logger(LOG_WARNING, "Got late or replayed packet from %s (%s), seqno %d, last received %d",
-					   n->name, n->hostname, inpkt->seqno, n->received_seqno);
-				return;
+	if(replaywin) {
+		if(inpkt->seqno != n->received_seqno + 1) {
+			if(inpkt->seqno >= n->received_seqno + replaywin * 8) {
+				if(n->farfuture++ < replaywin >> 2) {
+					logger(LOG_WARNING, "Packet from %s (%s) is %d seqs in the future, dropped (%u)",
+						n->name, n->hostname, inpkt->seqno - n->received_seqno - 1, n->farfuture);
+					return;
+				}
+				logger(LOG_WARNING, "Lost %d packets from %s (%s)",
+					   	inpkt->seqno - n->received_seqno - 1, n->name, n->hostname);
+				memset(n->late, 0, replaywin);
+			} else if (inpkt->seqno <= n->received_seqno) {
+				if((n->received_seqno >= replaywin * 8 && inpkt->seqno <= n->received_seqno - replaywin * 8) || !(n->late[(inpkt->seqno / 8) % replaywin] & (1 << inpkt->seqno % 8))) {
+					logger(LOG_WARNING, "Got late or replayed packet from %s (%s), seqno %d, last received %d",
+					   	n->name, n->hostname, inpkt->seqno, n->received_seqno);
+					return;
+				}
+			} else {
+				for(i = n->received_seqno + 1; i < inpkt->seqno; i++)
+					n->late[(i / 8) % replaywin] |= 1 << i % 8;
 			}
-		} else {
-			for(i = n->received_seqno + 1; i < inpkt->seqno; i++)
-				n->late[(i / 8) % sizeof n->late] |= 1 << i % 8;
 		}
+
+		n->farfuture = 0;
+		n->late[(inpkt->seqno / 8) % replaywin] &= ~(1 << inpkt->seqno % 8);
 	}
-	
-	n->late[(inpkt->seqno / 8) % sizeof n->late] &= ~(1 << inpkt->seqno % 8);
 
 	if(inpkt->seqno > n->received_seqno)
 		n->received_seqno = inpkt->seqno;
@@ -356,7 +369,9 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
 	vpn_packet_t *outpkt;
 	int origlen;
 	size_t outlen;
+#if defined(SOL_IP) && defined(IP_TOS)
 	static int priority = 0;
+#endif
 	int origpriority;
 	int sock;
 
@@ -563,7 +578,8 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
 	return found;
 }
 
-void handle_incoming_vpn_data(int sock, short events, void *data) {
+void handle_incoming_vpn_data(void *arg) {
+	listen_socket_t *l = arg;
 	vpn_packet_t pkt;
 	char *hostname;
 	sockaddr_t from;
@@ -571,35 +587,39 @@ void handle_incoming_vpn_data(int sock, short events, void *data) {
 	node_t *n;
 	int len;
 
-	len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
+	while(true) {
+		len = recvfrom(l->udp, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
 
-	if(len <= 0 || len > MAXSIZE) {
-		if(!sockwouldblock(sockerrno))
+		if(len <= 0 || len > MAXSIZE) {
 			logger(LOG_ERR, "Receiving packet failed: %s", sockstrerror(sockerrno));
-		return;
-	}
+			return;
+		}
 
-	pkt.len = len;
+		pkt.len = len;
 
-	sockaddrunmap(&from);		/* Some braindead IPv6 implementations do stupid things. */
+		sockaddrunmap(&from);		/* Some braindead IPv6 implementations do stupid things. */
 
-	n = lookup_node_udp(&from);
+		mutex_lock(&mutex);
+		n = lookup_node_udp(&from);
 
-	if(!n) {
-		n = try_harder(&from, &pkt);
-		if(n)
-			update_node_udp(n, &from);
-		else ifdebug(PROTOCOL) {
-			hostname = sockaddr2hostname(&from);
-			logger(LOG_WARNING, "Received UDP packet from unknown source %s", hostname);
-			free(hostname);
-			return;
+		if(!n) {
+			n = try_harder(&from, &pkt);
+			if(n)
+				update_node_udp(n, &from);
 		}
-		else
-			return;
-	}
 
-	receive_udppacket(n, &pkt);
+		if(n) {
+			receive_udppacket(n, &pkt);
+		} else {
+			ifdebug(PROTOCOL) {
+				hostname = sockaddr2hostname(&from);
+				logger(LOG_WARNING, "Received UDP packet from unknown source %s", hostname);
+				free(hostname);
+			}
+		}
+
+		mutex_unlock(&mutex);
+	}
 }
 
 void handle_device_data(int sock, short events, void *data) {