2 net.c -- most of the network code
3 Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: net.c,v 1.35.4.18 2000/06/30 21:03:51 guus Exp $
25 #include <arpa/inet.h>
29 #include <netinet/in.h>
33 #include <sys/signal.h>
34 #include <sys/socket.h>
36 #include <sys/types.h>
55 int total_tap_out = 0;
56 int total_socket_in = 0;
57 int total_socket_out = 0;
59 int upstreamindex = 0;
60 static int seconds_till_retry;
62 /* The global list of existing connections */
63 conn_list_t *conn_list = NULL;
64 conn_list_t *myself = NULL;
67 strip off the MAC adresses of an ethernet frame
69 void strip_mac_addresses(vpn_packet_t *p)
71 unsigned char tmp[MAXSIZE];
73 memcpy(tmp, p->data, p->len);
75 memcpy(p->data, &tmp[12], p->len);
80 reassemble MAC addresses
82 void add_mac_addresses(vpn_packet_t *p)
84 unsigned char tmp[MAXSIZE];
86 memcpy(&tmp[12], p->data, p->len);
88 tmp[0] = tmp[6] = 0xfe;
89 tmp[1] = tmp[7] = 0xfd;
90 *((ip_t*)(&tmp[2])) = (ip_t)(htonl(myself->vpn_ip));
91 *((ip_t*)(&tmp[8])) = *((ip_t*)(&tmp[26]));
92 memcpy(p->data, &tmp[0], p->len);
96 int xsend(conn_list_t *cl, void *packet)
101 do_encrypt((vpn_packet_t*)packet, &rp, cl->key);
102 rp.from = htonl(myself->vpn_ip);
103 rp.data.len = htons(rp.data.len);
104 rp.len = htons(rp.len);
107 syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
108 ntohs(rp.len), cl->vpn_hostname, cl->real_hostname);
110 if((r = send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0)
112 syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
113 cl->vpn_hostname, cl->real_hostname);
117 total_socket_out += r;
124 int xrecv(conn_list_t *cl, void *packet)
129 do_decrypt((real_packet_t*)packet, &vp, cl->key);
130 add_mac_addresses(&vp);
133 syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"),
134 ((real_packet_t*)packet)->len, cl->vpn_hostname, cl->real_hostname);
136 if((lenin = write(tap_fd, &vp, vp.len + sizeof(vp.len))) < 0)
137 syslog(LOG_ERR, _("Can't write to tap device: %m"));
139 total_tap_out += lenin;
142 cl->last_ping_time = time(NULL);
148 add the given packet of size s to the
149 queue q, be it the send or receive queue
151 void add_queue(packet_queue_t **q, void *packet, size_t s)
155 e = xmalloc(sizeof(*e));
156 e->packet = xmalloc(s);
157 memcpy(e->packet, packet, s);
161 *q = xmalloc(sizeof(**q));
162 (*q)->head = (*q)->tail = NULL;
165 e->next = NULL; /* We insert at the tail */
167 if((*q)->tail) /* Do we have a tail? */
169 (*q)->tail->next = e;
170 e->prev = (*q)->tail;
172 else /* No tail -> no head too */
182 /* Remove a queue element */
183 void del_queue(packet_queue_t **q, queue_element_t *e)
188 if(e->next) /* There is a successor, so we are not tail */
190 if(e->prev) /* There is a predecessor, so we are not head */
192 e->next->prev = e->prev;
193 e->prev->next = e->next;
195 else /* We are head */
197 e->next->prev = NULL;
198 (*q)->head = e->next;
201 else /* We are tail (or all alone!) */
203 if(e->prev) /* We are not alone :) */
205 e->prev->next = NULL;
206 (*q)->tail = e->prev;
220 flush a queue by calling function for
221 each packet, and removing it when that
222 returned a zero exit code
224 void flush_queue(conn_list_t *cl, packet_queue_t **pq,
225 int (*function)(conn_list_t*,void*))
227 queue_element_t *p, *next = NULL;
229 for(p = (*pq)->head; p != NULL; )
233 if(!function(cl, p->packet))
240 syslog(LOG_DEBUG, _("Queue flushed"));
245 flush the send&recv queues
246 void because nothing goes wrong here, packets
247 remain in the queue if something goes wrong
249 void flush_queues(conn_list_t *cl)
255 syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"),
256 cl->vpn_hostname, cl->real_hostname);
257 flush_queue(cl, &(cl->sq), xsend);
263 syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"),
264 cl->vpn_hostname, cl->real_hostname);
265 flush_queue(cl, &(cl->rq), xrecv);
271 send a packet to the given vpn ip.
273 int send_packet(ip_t to, vpn_packet_t *packet)
277 if((cl = lookup_conn(to)) == NULL)
281 syslog(LOG_NOTICE, _("Trying to look up %d.%d.%d.%d in connection list failed!"),
285 /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */
289 for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);
291 { /* No open outgoing connection has been found. */
293 syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!"));
298 /* If we ourselves have indirectdata flag set, we should send only to our uplink! */
300 if(myself->flags & EXPORTINDIRECTDATA)
302 for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);
304 { /* No open outgoing connection has been found. */
306 syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!"));
312 /* If indirectdata flag is set for the destination we just looked up,
313 * then real_ip is actually the vpn_ip of the gateway tincd
317 if(cl->flags & INDIRECTDATA)
320 syslog(LOG_NOTICE, _("Indirect packet to %s via %s"),
321 cl->vpn_hostname, cl->real_hostname);
322 if((cl = lookup_conn(cl->real_ip)) == NULL)
325 syslog(LOG_NOTICE, _("Indirect look up %d.%d.%d.%d in connection list failed!"),
328 /* Gateway tincd dead? Should we kill it? (GS) */
332 if(cl->flags & INDIRECTDATA) /* This should not happen */
335 syslog(LOG_NOTICE, _("Double indirection for %d.%d.%d.%d"),
341 if(my_key_expiry <= time(NULL))
344 if(!cl->status.dataopen)
345 if(setup_vpn_connection(cl) < 0)
347 syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"), cl->vpn_hostname, cl->real_hostname);
351 if(!cl->status.validkey)
354 syslog(LOG_INFO, _("%s (%s) has no valid key, queueing packet"), cl->vpn_hostname, cl->real_hostname);
355 add_queue(&(cl->sq), packet, packet->len + 2);
356 if(!cl->status.waitingforkey)
357 send_key_request(cl->vpn_ip); /* Keys should be sent to the host running the tincd */
361 if(!cl->status.active)
364 syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"), cl->vpn_hostname, cl->real_hostname);
365 add_queue(&(cl->sq), packet, packet->len + 2);
366 return 0; /* We don't want to mess up, do we? */
369 /* can we send it? can we? can we? huh? */
371 return xsend(cl, packet);
375 open the local ethertap device
377 int setup_tap_fd(void)
380 const char *tapfname;
383 if((cfg = get_config_val(tapdevice)) == NULL)
384 tapfname = "/dev/tap0";
386 tapfname = cfg->data.ptr;
388 if((nfd = open(tapfname, O_RDWR | O_NONBLOCK)) < 0)
390 syslog(LOG_ERR, _("Could not open %s: %m"), tapfname);
400 set up the socket that we listen on for incoming
403 int setup_listen_meta_socket(int port)
406 struct sockaddr_in a;
409 if((nfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
411 syslog(LOG_ERR, _("Creating metasocket failed: %m"));
415 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
417 syslog(LOG_ERR, _("setsockopt: %m"));
421 flags = fcntl(nfd, F_GETFL);
422 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
424 syslog(LOG_ERR, _("fcntl: %m"));
428 memset(&a, 0, sizeof(a));
429 a.sin_family = AF_INET;
430 a.sin_port = htons(port);
431 a.sin_addr.s_addr = htonl(INADDR_ANY);
433 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
435 syslog(LOG_ERR, _("Can't bind to port %hd/tcp: %m"), port);
441 syslog(LOG_ERR, _("listen: %m"));
449 setup the socket for incoming encrypted
452 int setup_vpn_in_socket(int port)
455 struct sockaddr_in a;
458 if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
460 syslog(LOG_ERR, _("Creating socket failed: %m"));
464 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
466 syslog(LOG_ERR, _("setsockopt: %m"));
470 flags = fcntl(nfd, F_GETFL);
471 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
473 syslog(LOG_ERR, _("fcntl: %m"));
477 memset(&a, 0, sizeof(a));
478 a.sin_family = AF_INET;
479 a.sin_port = htons(port);
480 a.sin_addr.s_addr = htonl(INADDR_ANY);
482 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
484 syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port);
492 setup an outgoing meta (tcp) socket
494 int setup_outgoing_meta_socket(conn_list_t *cl)
497 struct sockaddr_in a;
501 syslog(LOG_INFO, _("Trying to connect to %s"), cl->real_hostname);
503 if((cfg = get_config_val(upstreamport)) == NULL)
506 cl->port = cfg->data.val;
508 cl->meta_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
509 if(cl->meta_socket == -1)
511 syslog(LOG_ERR, _("Creating socket for %s port %d failed: %m"),
512 cl->real_hostname, cl->port);
516 a.sin_family = AF_INET;
517 a.sin_port = htons(cl->port);
518 a.sin_addr.s_addr = htonl(cl->real_ip);
520 if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1)
522 syslog(LOG_ERR, _("%s port %hd: %m"), cl->real_hostname, cl->port);
526 flags = fcntl(cl->meta_socket, F_GETFL);
527 if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0)
529 syslog(LOG_ERR, _("fcntl for %s port %d: %m"),
530 cl->real_hostname, cl->port);
535 syslog(LOG_INFO, _("Connected to %s port %hd"),
536 cl->real_hostname, cl->port);
542 setup an outgoing connection. It's not
543 necessary to also open an udp socket as
544 well, because the other host will initiate
545 an authentication sequence during which
546 we will do just that.
548 int setup_outgoing_connection(ip_t ip)
552 ncn = new_conn_list();
554 ncn->real_hostname = hostlookup(htonl(ip));
556 if(setup_outgoing_meta_socket(ncn) < 0)
558 syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
560 free_conn_element(ncn);
564 ncn->status.meta = 1;
565 ncn->status.outgoing = 1;
566 ncn->next = conn_list;
573 set up the local sockets (listen only)
575 int setup_myself(void)
579 myself = new_conn_list();
581 if(!(cfg = get_config_val(myvpnip)))
583 syslog(LOG_ERR, _("No value for my VPN IP given"));
587 myself->vpn_ip = cfg->data.ip->ip;
588 myself->vpn_hostname = hostlookup(htonl(myself->vpn_ip));
589 myself->real_hostname = hostlookup(htonl(myself->vpn_ip));
590 myself->vpn_mask = cfg->data.ip->mask;
593 if(!(cfg = get_config_val(listenport)))
596 myself->port = cfg->data.val;
598 if(cfg = get_config_val(indirectdata))
599 if(cfg->data.val == stupid_true)
600 myself->flags |= EXPORTINDIRECTDATA;
602 if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
604 syslog(LOG_ERR, _("Unable to set up a listening socket"));
608 if((myself->socket = setup_vpn_in_socket(myself->port)) < 0)
610 syslog(LOG_ERR, _("Unable to set up an incoming vpn data socket"));
611 close(myself->meta_socket);
615 myself->status.active = 1;
617 syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port);
623 sigalrm_handler(int a)
627 cfg = get_next_config_val(upstreamip, upstreamindex++);
631 if(!setup_outgoing_connection(cfg->data.ip->ip)) /* function returns 0 when there are no problems */
633 signal(SIGALRM, SIG_IGN);
636 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
639 signal(SIGALRM, sigalrm_handler);
641 seconds_till_retry += 5;
642 if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */
643 seconds_till_retry = MAXTIMEOUT;
644 syslog(LOG_ERR, _("Still failed to connect to other, will retry in %d seconds"),
646 alarm(seconds_till_retry);
651 setup all initial network connections
653 int setup_network_connections(void)
657 if((cfg = get_config_val(pingtimeout)) == NULL)
660 timeout = cfg->data.val;
662 if(setup_tap_fd() < 0)
665 if(setup_myself() < 0)
668 if((cfg = get_next_config_val(upstreamip, upstreamindex++)) == NULL)
669 /* No upstream IP given, we're listen only. */
674 if(!setup_outgoing_connection(cfg->data.ip->ip)) /* function returns 0 when there are no problems */
676 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
679 signal(SIGALRM, sigalrm_handler);
681 seconds_till_retry = MAXTIMEOUT;
682 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry);
683 alarm(seconds_till_retry);
689 close all open network connections
691 void close_network_connections(void)
695 for(p = conn_list; p != NULL; p = p->next)
697 if(p->status.dataopen)
699 shutdown(p->socket, 0); /* No more receptions */
705 shutdown(p->meta_socket, 0); /* No more receptions */
706 close(p->meta_socket);
711 if(myself->status.active)
713 close(myself->meta_socket);
714 close(myself->socket);
720 syslog(LOG_NOTICE, _("Terminating"));
726 create a data (udp) socket
728 int setup_vpn_connection(conn_list_t *cl)
731 struct sockaddr_in a;
734 syslog(LOG_DEBUG, _("Opening UDP socket to %s"), cl->real_hostname);
736 nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
739 syslog(LOG_ERR, _("Creating UDP socket failed: %m"));
743 a.sin_family = AF_INET;
744 a.sin_port = htons(cl->port);
745 a.sin_addr.s_addr = htonl(cl->real_ip);
747 if(connect(nfd, (struct sockaddr *)&a, sizeof(a)) == -1)
749 syslog(LOG_ERR, _("Connecting to %s port %d failed: %m"),
750 cl->real_hostname, cl->port);
754 flags = fcntl(nfd, F_GETFL);
755 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
757 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd,
758 cl->vpn_hostname, cl->real_hostname);
763 cl->status.dataopen = 1;
769 handle an incoming tcp connect call and open
772 conn_list_t *create_new_connection(int sfd)
775 struct sockaddr_in ci;
776 int len = sizeof(ci);
780 if(getpeername(sfd, &ci, &len) < 0)
782 syslog(LOG_ERR, _("Error: getpeername: %m"));
786 p->real_ip = ntohl(ci.sin_addr.s_addr);
787 p->real_hostname = hostlookup(ci.sin_addr.s_addr);
788 p->meta_socket = sfd;
791 p->last_ping_time = time(NULL);
795 syslog(LOG_NOTICE, _("Connection from %s port %d"),
796 p->real_hostname, htons(ci.sin_port));
798 if(send_basic_info(p) < 0)
800 free_conn_element(p);
808 put all file descriptors in an fd_set array
810 void build_fdset(fd_set *fs)
816 for(p = conn_list; p != NULL; p = p->next)
819 FD_SET(p->meta_socket, fs);
820 if(p->status.dataopen)
821 FD_SET(p->socket, fs);
824 FD_SET(myself->meta_socket, fs);
825 FD_SET(myself->socket, fs);
831 receive incoming data from the listening
832 udp socket and write it to the ethertap
833 device after being decrypted
835 int handle_incoming_vpn_data(conn_list_t *cl)
839 int x, l = sizeof(x);
842 if(getsockopt(cl->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
844 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->socket,
845 cl->vpn_hostname, cl->real_hostname);
850 syslog(LOG_ERR, _("Incoming data socket error for %s (%s): %s"),
851 cl->vpn_hostname, cl->real_hostname, sys_errlist[x]);
856 lenin = recvfrom(cl->socket, &rp, MTU, 0, NULL, NULL);
859 syslog(LOG_ERR, _("Receiving packet from %s (%s) failed: %m"), cl->vpn_hostname, cl->real_hostname);
862 total_socket_in += lenin;
864 rp.data.len = ntohs(rp.data.len);
865 rp.len = ntohs(rp.len);
866 rp.from = ntohl(rp.from);
870 f = lookup_conn(rp.from);
873 syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
874 cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
878 if(f->status.validkey)
882 add_queue(&(f->rq), &rp, rp.len);
883 if(!cl->status.waitingforkey)
884 send_key_request(rp.from);
887 if(my_key_expiry <= time(NULL))
895 terminate a connection and notify the other
896 end before closing the sockets
898 void terminate_connection(conn_list_t *cl)
903 if(cl->status.remove)
907 syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
908 cl->vpn_hostname, cl->real_hostname);
910 if(cl->status.timeout)
912 /* else if(!cl->status.termreq)
919 close(cl->meta_socket);
921 cl->status.remove = 1;
923 /* If this cl isn't active, don't send any DEL_HOSTs. */
924 if(cl->status.active)
925 notify_others(cl,NULL,send_del_host);
928 /* Find all connections that were lost because they were behind cl
929 (the connection that was dropped). */
931 for(p = conn_list; p != NULL; p = p->next)
933 if((p->nexthop == cl) && (p != cl))
935 if(cl->status.active && p->status.active)
936 notify_others(p,cl,send_del_host);
939 p->status.active = 0;
940 p->status.remove = 1;
944 cl->status.active = 0;
946 if(cl->status.outgoing)
948 signal(SIGALRM, sigalrm_handler);
949 seconds_till_retry = 5;
950 alarm(seconds_till_retry);
951 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in 5 seconds"));
957 Check if the other end is active.
958 If we have sent packets, but didn't receive any,
959 then possibly the other end is dead. We send a
960 PING request over the meta connection. If the other
961 end does not reply in time, we consider them dead
962 and close the connection.
964 int check_dead_connections(void)
970 for(p = conn_list; p != NULL; p = p->next)
974 if(p->status.active && p->status.meta)
976 if(p->last_ping_time + timeout < now)
978 if(p->status.pinged && !p->status.got_pong)
981 syslog(LOG_INFO, _("%s (%s) didn't respond to PING"),
982 p->vpn_hostname, p->real_hostname);
983 p->status.timeout = 1;
984 terminate_connection(p);
986 else if(p->want_ping)
989 p->last_ping_time = now;
990 p->status.pinged = 1;
991 p->status.got_pong = 0;
1001 accept a new tcp connect and create a
1004 int handle_new_meta_connection(conn_list_t *cl)
1007 struct sockaddr client;
1008 int nfd, len = sizeof(client);
1010 if((nfd = accept(cl->meta_socket, &client, &len)) < 0)
1012 syslog(LOG_ERR, _("Accepting a new connection failed: %m"));
1016 if(!(ncn = create_new_connection(nfd)))
1020 syslog(LOG_NOTICE, _("Closed attempted connection"));
1024 ncn->status.meta = 1;
1025 ncn->next = conn_list;
1032 dispatch any incoming meta requests
1034 int handle_incoming_meta_data(conn_list_t *cl)
1036 int x, l = sizeof(x);
1037 int request, oldlen, i;
1040 if(getsockopt(cl->meta_socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
1042 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->meta_socket,
1043 cl->vpn_hostname, cl->real_hostname);
1048 syslog(LOG_ERR, _("Metadata socket error for %s (%s): %s"),
1049 cl->vpn_hostname, cl->real_hostname, sys_errlist[x]);
1053 if(cl->buflen >= MAXBUFSIZE)
1055 syslog(LOG_ERR, _("Metadata read buffer overflow!"));
1059 lenin = read(cl->meta_socket, cl->buffer, MAXBUFSIZE-cl->buflen);
1067 syslog(LOG_NOTICE, _("Connection closed by %s (%s)"),
1068 cl->vpn_hostname, cl->real_hostname);
1070 syslog(LOG_ERR, _("Metadata socket read error for %s (%s): %m"),
1071 cl->vpn_hostname, cl->real_hostname);
1075 oldlen = cl->buflen;
1076 cl->buflen += lenin;
1082 for(i = oldlen; i < cl->buflen; i++)
1084 if(cl->buffer[i] == '\n')
1086 cl->buffer[i] = 0; /* replace end-of-line by end-of-string so we can use sscanf */
1095 syslog(LOG_DEBUG, _("Got request from %s (%s): %s"),
1096 cl->vpn_hostname, cl->real_hostname, cl->buffer);
1097 if(sscanf(cl->buffer, "%d", &request) == 1)
1099 if((request < 0) || (request > 255) || (request_handlers[request] == NULL))
1101 syslog(LOG_ERR, _("Unknown request from %s (%s)"),
1102 cl->vpn_hostname, cl->real_hostname);
1106 if(request_handlers[request](cl)) /* Something went wrong. Probably scriptkiddies. Terminate. */
1108 syslog(LOG_ERR, _("Error while processing request from %s (%s)"),
1109 cl->vpn_hostname, cl->real_hostname);
1115 syslog(LOG_ERR, _("Bogus data received from %s (%s)"),
1116 cl->vpn_hostname, cl->real_hostname);
1120 cl->buflen -= cl->reqlen;
1121 memmove(cl->buffer, cl->buffer + cl->reqlen, cl->buflen);
1130 cl->last_ping_time = time(NULL);
1137 check all connections to see if anything
1138 happened on their sockets
1140 void check_network_activity(fd_set *f)
1143 int x, l = sizeof(x);
1145 for(p = conn_list; p != NULL; p = p->next)
1147 if(p->status.remove)
1150 if(p->status.dataopen)
1151 if(FD_ISSET(p->socket, f))
1154 The only thing that can happen to get us here is apparently an
1155 error on this outgoing(!) UDP socket that isn't immediate (i.e.
1156 something that will not trigger an error directly on send()).
1157 I've once got here when it said `No route to host'.
1159 getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l);
1160 syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"),
1161 p->vpn_hostname, p->real_hostname, sys_errlist[x]);
1162 terminate_connection(p);
1167 if(FD_ISSET(p->meta_socket, f))
1168 if(handle_incoming_meta_data(p) < 0)
1170 terminate_connection(p);
1175 if(FD_ISSET(myself->socket, f))
1176 handle_incoming_vpn_data(myself);
1178 if(FD_ISSET(myself->meta_socket, f))
1179 handle_new_meta_connection(myself);
1184 read, encrypt and send data that is
1185 available through the ethertap device
1187 void handle_tap_input(void)
1191 int ether_type, lenin;
1193 memset(&vp, 0, sizeof(vp));
1194 if((lenin = read(tap_fd, &vp, MTU)) <= 0)
1196 syslog(LOG_ERR, _("Error while reading from tapdevice: %m"));
1200 total_tap_in += lenin;
1202 ether_type = ntohs(*((unsigned short*)(&vp.data[12])));
1203 if(ether_type != 0x0800)
1206 syslog(LOG_INFO, _("Non-IP ethernet frame %04x from " MAC_ADDR_S),
1207 ether_type, MAC_ADDR_V(vp.data[6]));
1214 syslog(LOG_INFO, _("Dropping short packet"));
1218 from = ntohl(*((unsigned long*)(&vp.data[26])));
1219 to = ntohl(*((unsigned long*)(&vp.data[30])));
1221 vp.len = (length_t)lenin - 2;
1223 strip_mac_addresses(&vp);
1225 send_packet(to, &vp);
1230 this is where it all happens...
1232 void main_loop(void)
1237 time_t last_ping_check;
1239 last_ping_check = time(NULL);
1243 tv.tv_sec = timeout;
1249 if((r = select(FD_SETSIZE, &fset, NULL, NULL, &tv)) < 0)
1251 if(errno != EINTR) /* because of alarm */
1253 syslog(LOG_ERR, _("Error while waiting for input: %m"));
1261 close_network_connections();
1263 if(read_config_file(configfilename))
1265 syslog(LOG_ERR, _("Unable to reread configuration file, exiting"));
1269 setup_network_connections();
1273 if(last_ping_check + timeout < time(NULL))
1274 /* Let's check if everybody is still alive */
1276 check_dead_connections();
1277 last_ping_check = time(NULL);
1282 check_network_activity(&fset);
1284 /* local tap data */
1285 if(FD_ISSET(tap_fd, &fset))
projects / tinc / blob