2 net.c -- most of the network code
3 Copyright (C) 1998-2005 Ivo Timmermans,
4 2000-2021 Guus Sliepen <guus@tinc-vpn.org>
5 2006 Scott Lamb <slamb@slamb.org>
6 2011 Loïc Grenié <loic.grenie@gmail.com>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "autoconnect.h"
28 #include "connection.h"
39 int contradicting_add_edge = 0;
40 int contradicting_del_edge = 0;
41 static int sleeptime = 10;
42 time_t last_config_check = 0;
43 static timeout_t pingtimer;
44 static timeout_t periodictimer;
45 static struct timeval last_periodic_run_time;
47 /* Purge edges and subnets of unreachable nodes. Use carefully. */
50 logger(DEBUG_PROTOCOL, LOG_DEBUG, "Purging unreachable nodes");
52 /* Remove all edges and subnets owned by unreachable nodes. */
54 for splay_each(node_t, n, &node_tree) {
55 if(!n->status.reachable) {
56 logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Purging node %s (%s)", n->name, n->hostname);
58 for splay_each(subnet_t, s, &n->subnet_tree) {
59 send_del_subnet(everyone, s);
66 for splay_each(edge_t, e, &n->edge_tree) {
68 send_del_edge(everyone, e);
76 /* Check if anyone else claims to have an edge to an unreachable node. If not, delete node. */
78 for splay_each(node_t, n, &node_tree) {
79 if(!n->status.reachable) {
80 for splay_each(edge_t, e, &edge_weight_tree)
85 if(!autoconnect && (!strictsubnets || !n->subnet_tree.head))
86 /* in strictsubnets mode do not delete nodes with subnets */
94 /* Put a misbehaving connection in the tarpit */
96 static int pits[10] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
97 static unsigned int next_pit = 0;
99 if(pits[next_pit] != -1) {
100 closesocket(pits[next_pit]);
103 pits[next_pit++] = fd;
105 if(next_pit >= sizeof pits / sizeof pits[0]) {
111 Terminate a connection:
112 - Mark it as inactive
113 - Remove the edge representing this connection
115 - Check if we need to retry making an outgoing connection
117 void terminate_connection(connection_t *c, bool report) {
118 logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Closing connection with %s (%s)", c->name, c->hostname);
121 if(c->node->connection == c) {
122 c->node->connection = NULL;
126 if(report && !tunnelserver) {
127 send_del_edge(everyone, c->edge);
133 /* Run MST and SSSP algorithms */
137 /* If the node is not reachable anymore but we remember it had an edge to us, clean it up */
139 if(report && !c->node->status.reachable) {
141 e = lookup_edge(c->node, myself);
145 send_del_edge(everyone, e);
154 outgoing_t *outgoing = c->outgoing;
157 /* Check if this was our outgoing connection */
160 do_outgoing_connection(outgoing);
164 /* Clean up dead proxy processes */
166 while(waitpid(-1, NULL, WNOHANG) > 0);
172 Check if the other end is active.
173 If we have sent packets, but didn't receive any,
174 then possibly the other end is dead. We send a
175 PING request over the meta connection. If the other
176 end does not reply in time, we consider them dead
177 and close the connection.
179 static void timeout_handler(void *data) {
181 bool close_all_connections = false;
184 timeout_handler will start after 30 seconds from start of tincd
185 hold information about the elapsed time since last time the handler
188 long sleep_time = now.tv_sec - last_periodic_run_time.tv_sec;
191 It seems that finding sane default value is harder than expected
192 Since we send every second a UDP packet to make holepunching work
193 And default UDP state expire on firewalls is between 15-30 seconds
194 we drop all connections after 60 Seconds - UDPDiscoveryTimeout=30
197 if(sleep_time > 2 * udp_discovery_timeout) {
198 logger(DEBUG_ALWAYS, LOG_ERR, "Awaking from dead after %ld seconds of sleep", sleep_time);
200 Do not send any packets to tinc after we wake up.
201 The other node probably closed our connection but we still
202 are holding context information to them. This may happen on
203 laptops or any other hardware which can be suspended for some time.
204 Sending any data to node that wasn't expecting it will produce
205 annoying and misleading errors on the other side about failed signature
206 verification and or about missing sptps context
208 close_all_connections = true;
211 last_periodic_run_time = now;
213 for list_each(connection_t, c, &connection_list) {
214 // control connections (eg. tinc ctl) do not have any timeout
215 if(c->status.control) {
219 if(close_all_connections) {
220 logger(DEBUG_ALWAYS, LOG_ERR, "Forcing connection close after sleep time %s (%s)", c->name, c->hostname);
221 terminate_connection(c, c->edge);
225 // Bail out early if we haven't reached the ping timeout for this node yet
226 if(c->last_ping_time + pingtimeout > now.tv_sec) {
230 // timeout during connection establishing
232 if(c->status.connecting) {
233 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout while connecting to %s (%s)", c->name, c->hostname);
235 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname);
236 c->status.tarpit = true;
239 terminate_connection(c, c->edge);
243 // helps in UDP holepunching
244 try_tx(c->node, false);
246 // timeout during ping
247 if(c->status.pinged) {
248 logger(DEBUG_CONNECTIONS, LOG_INFO, "%s (%s) didn't respond to PING in %ld seconds", c->name, c->hostname, (long)(now.tv_sec - c->last_ping_time));
249 terminate_connection(c, c->edge);
253 // check whether we need to send a new ping
254 if(c->last_ping_time + pinginterval <= now.tv_sec) {
259 timeout_set(data, &(struct timeval) {
264 static void periodic_handler(void *data) {
265 /* Check if there are too many contradicting ADD_EDGE and DEL_EDGE messages.
266 This usually only happens when another node has the same Name as this node.
267 If so, sleep for a short while to prevent a storm of contradicting messages.
270 if(contradicting_del_edge > 100 && contradicting_add_edge > 100) {
271 logger(DEBUG_ALWAYS, LOG_WARNING, "Possible node with same Name as us! Sleeping %d seconds.", sleeptime);
272 nanosleep(&(struct timespec) {
288 contradicting_add_edge = 0;
289 contradicting_del_edge = 0;
291 /* If AutoConnect is set, check if we need to make or break connections. */
293 if(autoconnect && node_tree.count > 1) {
297 timeout_set(data, &(struct timeval) {
302 void handle_meta_connection_data(connection_t *c) {
303 if(!receive_meta(c)) {
304 if(!c->status.control) {
305 c->status.tarpit = true;
308 terminate_connection(c, c->edge);
314 static void sigterm_handler(void *data) {
315 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
319 static void sighup_handler(void *data) {
320 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
323 if(reload_configuration()) {
328 static void sigalrm_handler(void *data) {
329 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
334 int reload_configuration(void) {
335 char fname[PATH_MAX];
337 /* Reread our own configuration file */
339 splay_empty_tree(&config_tree);
341 if(!read_server_config(&config_tree)) {
342 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file.");
346 read_config_options(&config_tree, NULL);
348 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, myself->name);
349 read_config_file(&config_tree, fname, true);
351 /* Parse some options that are allowed to be changed while tinc is running */
353 setup_myself_reloadable();
355 /* If StrictSubnet is set, expire deleted Subnets and read new ones in */
358 for splay_each(subnet_t, subnet, &subnet_tree)
364 for splay_each(node_t, n, &node_tree) {
365 n->status.has_address = false;
371 for splay_each(subnet_t, subnet, &subnet_tree) {
376 if(subnet->expires == 1) {
377 send_del_subnet(everyone, subnet);
379 if(subnet->owner->status.reachable) {
380 subnet_update(subnet->owner, subnet, false);
383 subnet_del(subnet->owner, subnet);
384 } else if(subnet->expires == -1) {
387 send_add_subnet(everyone, subnet);
389 if(subnet->owner->status.reachable) {
390 subnet_update(subnet->owner, subnet, true);
394 } else { /* Only read our own subnets back in */
395 for splay_each(subnet_t, subnet, &myself->subnet_tree)
396 if(!subnet->expires) {
400 config_t *cfg = lookup_config(&config_tree, "Subnet");
403 subnet_t *subnet, *s2;
405 if(get_config_subnet(cfg, &subnet)) {
406 if((s2 = lookup_subnet(myself, subnet))) {
407 if(s2->expires == 1) {
413 subnet_add(myself, subnet);
414 send_add_subnet(everyone, subnet);
415 subnet_update(myself, subnet, true);
419 cfg = lookup_config_next(&config_tree, cfg);
422 for splay_each(subnet_t, subnet, &myself->subnet_tree) {
423 if(subnet->expires == 1) {
424 send_del_subnet(everyone, subnet);
425 subnet_update(myself, subnet, false);
426 subnet_del(myself, subnet);
431 /* Try to make outgoing connections */
433 try_outgoing_connections();
435 /* Close connections to hosts that have a changed or deleted host config file */
437 for list_each(connection_t, c, &connection_list) {
438 if(c->status.control) {
442 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
445 if(stat(fname, &s) || s.st_mtime > last_config_check) {
446 logger(DEBUG_CONNECTIONS, LOG_INFO, "Host config file of %s has been changed", c->name);
447 terminate_connection(c, c->edge);
451 last_config_check = now.tv_sec;
457 /* Reset the reconnection timers for all outgoing connections */
458 for list_each(outgoing_t, outgoing, &outgoing_list) {
459 outgoing->timeout = 0;
462 timeout_set(&outgoing->ev, &(struct timeval) {
467 /* Check for outgoing connections that are in progress, and reset their ping timers */
468 for list_each(connection_t, c, &connection_list) {
469 if(c->outgoing && !c->node) {
470 c->last_ping_time = 0;
474 /* Kick the ping timeout handler */
475 timeout_set(&pingtimer, &(struct timeval) {
481 this is where it all happens...
483 int main_loop(void) {
484 last_periodic_run_time = now;
485 timeout_add(&pingtimer, timeout_handler, &pingtimer, &(struct timeval) {
486 pingtimeout, jitter()
488 timeout_add(&periodictimer, periodic_handler, &periodictimer, &(struct timeval) {
493 signal_t sighup = {0};
494 signal_t sigterm = {0};
495 signal_t sigquit = {0};
496 signal_t sigint = {0};
497 signal_t sigalrm = {0};
499 signal_add(&sighup, sighup_handler, &sighup, SIGHUP);
500 signal_add(&sigterm, sigterm_handler, &sigterm, SIGTERM);
501 signal_add(&sigquit, sigterm_handler, &sigquit, SIGQUIT);
502 signal_add(&sigint, sigterm_handler, &sigint, SIGINT);
503 signal_add(&sigalrm, sigalrm_handler, &sigalrm, SIGALRM);
507 logger(DEBUG_ALWAYS, LOG_ERR, "Error while waiting for input: %s", sockstrerror(sockerrno));
513 signal_del(&sigterm);
514 signal_del(&sigquit);
516 signal_del(&sigalrm);
519 timeout_del(&periodictimer);
520 timeout_del(&pingtimer);
projects / tinc / blob