2 net.c -- most of the network code
3 Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>,
4 2000 Guus Sliepen <guus@sliepen.warande.net>
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 $Id: net.c,v 1.35.4.17 2000/06/30 12:41:05 guus Exp $
25 #include <arpa/inet.h>
29 #include <netinet/in.h>
33 #include <sys/signal.h>
34 #include <sys/socket.h>
36 #include <sys/types.h>
55 int total_tap_out = 0;
56 int total_socket_in = 0;
57 int total_socket_out = 0;
59 int upstreamindex = 0;
60 static int seconds_till_retry;
62 /* The global list of existing connections */
63 conn_list_t *conn_list = NULL;
64 conn_list_t *myself = NULL;
67 strip off the MAC adresses of an ethernet frame
69 void strip_mac_addresses(vpn_packet_t *p)
71 unsigned char tmp[MAXSIZE];
73 memcpy(tmp, p->data, p->len);
75 memcpy(p->data, &tmp[12], p->len);
80 reassemble MAC addresses
82 void add_mac_addresses(vpn_packet_t *p)
84 unsigned char tmp[MAXSIZE];
86 memcpy(&tmp[12], p->data, p->len);
88 tmp[0] = tmp[6] = 0xfe;
89 tmp[1] = tmp[7] = 0xfd;
90 *((ip_t*)(&tmp[2])) = (ip_t)(htonl(myself->vpn_ip));
91 *((ip_t*)(&tmp[8])) = *((ip_t*)(&tmp[26]));
92 memcpy(p->data, &tmp[0], p->len);
96 int xsend(conn_list_t *cl, void *packet)
101 do_encrypt((vpn_packet_t*)packet, &rp, cl->key);
102 rp.from = htonl(myself->vpn_ip);
103 rp.data.len = htons(rp.data.len);
104 rp.len = htons(rp.len);
107 syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
108 ntohs(rp.len), cl->vpn_hostname, cl->real_hostname);
110 if((r = send(cl->socket, (char*)&rp, ntohs(rp.len), 0)) < 0)
112 syslog(LOG_ERR, _("Error sending packet to %s (%s): %m"),
113 cl->vpn_hostname, cl->real_hostname);
117 total_socket_out += r;
124 int xrecv(conn_list_t *cl, void *packet)
129 do_decrypt((real_packet_t*)packet, &vp, cl->key);
130 add_mac_addresses(&vp);
133 syslog(LOG_ERR, _("Receiving packet of %d bytes from %s (%s)"),
134 ((real_packet_t*)packet)->len, cl->vpn_hostname, cl->real_hostname);
136 if((lenin = write(tap_fd, &vp, vp.len + sizeof(vp.len))) < 0)
137 syslog(LOG_ERR, _("Can't write to tap device: %m"));
139 total_tap_out += lenin;
142 cl->last_ping_time = time(NULL);
148 add the given packet of size s to the
149 queue q, be it the send or receive queue
151 void add_queue(packet_queue_t **q, void *packet, size_t s)
155 e = xmalloc(sizeof(*e));
156 e->packet = xmalloc(s);
157 memcpy(e->packet, packet, s);
161 *q = xmalloc(sizeof(**q));
162 (*q)->head = (*q)->tail = NULL;
165 e->next = NULL; /* We insert at the tail */
167 if((*q)->tail) /* Do we have a tail? */
169 (*q)->tail->next = e;
170 e->prev = (*q)->tail;
172 else /* No tail -> no head too */
182 /* Remove a queue element */
183 void del_queue(packet_queue_t **q, queue_element_t *e)
188 if(e->next) /* There is a successor, so we are not tail */
190 if(e->prev) /* There is a predecessor, so we are not head */
192 e->next->prev = e->prev;
193 e->prev->next = e->next;
195 else /* We are head */
197 e->next->prev = NULL;
198 (*q)->head = e->next;
201 else /* We are tail (or all alone!) */
203 if(e->prev) /* We are not alone :) */
205 e->prev->next = NULL;
206 (*q)->tail = e->prev;
220 flush a queue by calling function for
221 each packet, and removing it when that
222 returned a zero exit code
224 void flush_queue(conn_list_t *cl, packet_queue_t **pq,
225 int (*function)(conn_list_t*,void*))
227 queue_element_t *p, *next = NULL;
229 for(p = (*pq)->head; p != NULL; )
233 if(!function(cl, p->packet))
240 syslog(LOG_DEBUG, _("Queue flushed"));
245 flush the send&recv queues
246 void because nothing goes wrong here, packets
247 remain in the queue if something goes wrong
249 void flush_queues(conn_list_t *cl)
255 syslog(LOG_DEBUG, _("Flushing send queue for %s (%s)"),
256 cl->vpn_hostname, cl->real_hostname);
257 flush_queue(cl, &(cl->sq), xsend);
263 syslog(LOG_DEBUG, _("Flushing receive queue for %s (%s)"),
264 cl->vpn_hostname, cl->real_hostname);
265 flush_queue(cl, &(cl->rq), xrecv);
271 send a packet to the given vpn ip.
273 int send_packet(ip_t to, vpn_packet_t *packet)
277 if((cl = lookup_conn(to)) == NULL)
281 syslog(LOG_NOTICE, _("Trying to look up %d.%d.%d.%d in connection list failed!"),
285 /* Is this really necessary? If we can't find "to", then neither should any uplink. (GS) */
289 for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);
291 { /* No open outgoing connection has been found. */
293 syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!"));
298 /* If we ourselves have indirectdata flag set, we should send only to our uplink! */
300 if(myself->flags & EXPORTINDIRECTDATA)
302 for(cl = conn_list; cl != NULL && !cl->status.outgoing; cl = cl->next);
304 { /* No open outgoing connection has been found. */
306 syslog(LOG_NOTICE, _("There is no remote host I can send this packet to!"));
312 /* If indirectdata flag is set for the destination we just looked up,
313 * then real_ip is actually the vpn_ip of the gateway tincd
317 if(cl->flags & INDIRECTDATA)
320 syslog(LOG_NOTICE, _("Indirect packet to %s via %s"),
321 cl->vpn_hostname, cl->real_hostname);
322 if((cl = lookup_conn(cl->real_ip)) == NULL)
325 syslog(LOG_NOTICE, _("Indirect look up %d.%d.%d.%d in connection list failed!"),
328 /* Gateway tincd dead? Should we kill it? (GS) */
332 if(cl->flags & INDIRECTDATA) /* This should not happen */
335 syslog(LOG_NOTICE, _("Double indirection for %d.%d.%d.%d"),
341 if(my_key_expiry <= time(NULL))
344 if(!cl->status.dataopen)
345 if(setup_vpn_connection(cl) < 0)
347 syslog(LOG_ERR, _("Could not open UDP connection to %s (%s)"), cl->vpn_hostname, cl->real_hostname);
351 if(!cl->status.validkey)
354 syslog(LOG_INFO, _("%s (%s) has no valid key, queueing packet"), cl->vpn_hostname, cl->real_hostname);
355 add_queue(&(cl->sq), packet, packet->len + 2);
356 if(!cl->status.waitingforkey)
357 send_key_request(cl->vpn_ip); /* Keys should be sent to the host running the tincd */
361 if(!cl->status.active)
364 syslog(LOG_INFO, _("%s (%s) is not ready, queueing packet"), cl->vpn_hostname, cl->real_hostname);
365 add_queue(&(cl->sq), packet, packet->len + 2);
366 return 0; /* We don't want to mess up, do we? */
369 /* can we send it? can we? can we? huh? */
371 return xsend(cl, packet);
375 open the local ethertap device
377 int setup_tap_fd(void)
380 const char *tapfname;
383 if((cfg = get_config_val(tapdevice)) == NULL)
384 tapfname = "/dev/tap0";
386 tapfname = cfg->data.ptr;
388 if((nfd = open(tapfname, O_RDWR | O_NONBLOCK)) < 0)
390 syslog(LOG_ERR, _("Could not open %s: %m"), tapfname);
400 set up the socket that we listen on for incoming
403 int setup_listen_meta_socket(int port)
406 struct sockaddr_in a;
409 if((nfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
411 syslog(LOG_ERR, _("Creating metasocket failed: %m"));
415 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
417 syslog(LOG_ERR, _("setsockopt: %m"));
421 flags = fcntl(nfd, F_GETFL);
422 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
424 syslog(LOG_ERR, _("fcntl: %m"));
428 memset(&a, 0, sizeof(a));
429 a.sin_family = AF_INET;
430 a.sin_port = htons(port);
431 a.sin_addr.s_addr = htonl(INADDR_ANY);
433 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
435 syslog(LOG_ERR, _("Can't bind to port %hd/tcp: %m"), port);
441 syslog(LOG_ERR, _("listen: %m"));
449 setup the socket for incoming encrypted
452 int setup_vpn_in_socket(int port)
455 struct sockaddr_in a;
458 if((nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
460 syslog(LOG_ERR, _("Creating socket failed: %m"));
464 if(setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)))
466 syslog(LOG_ERR, _("setsockopt: %m"));
470 flags = fcntl(nfd, F_GETFL);
471 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
473 syslog(LOG_ERR, _("fcntl: %m"));
477 memset(&a, 0, sizeof(a));
478 a.sin_family = AF_INET;
479 a.sin_port = htons(port);
480 a.sin_addr.s_addr = htonl(INADDR_ANY);
482 if(bind(nfd, (struct sockaddr *)&a, sizeof(struct sockaddr)))
484 syslog(LOG_ERR, _("Can't bind to port %hd/udp: %m"), port);
492 setup an outgoing meta (tcp) socket
494 int setup_outgoing_meta_socket(conn_list_t *cl)
497 struct sockaddr_in a;
501 syslog(LOG_INFO, _("Trying to connect to %s"), cl->real_hostname);
503 if((cfg = get_config_val(upstreamport)) == NULL)
506 cl->port = cfg->data.val;
508 cl->meta_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
509 if(cl->meta_socket == -1)
511 syslog(LOG_ERR, _("Creating socket for %s port %d failed: %m"),
512 cl->real_hostname, cl->port);
516 a.sin_family = AF_INET;
517 a.sin_port = htons(cl->port);
518 a.sin_addr.s_addr = htonl(cl->real_ip);
520 if(connect(cl->meta_socket, (struct sockaddr *)&a, sizeof(a)) == -1)
522 syslog(LOG_ERR, _("%s port %hd: %m"), cl->real_hostname, cl->port);
526 flags = fcntl(cl->meta_socket, F_GETFL);
527 if(fcntl(cl->meta_socket, F_SETFL, flags | O_NONBLOCK) < 0)
529 syslog(LOG_ERR, _("fcntl for %s port %d: %m"),
530 cl->real_hostname, cl->port);
534 syslog(LOG_INFO, _("Connected to %s port %hd"),
535 cl->real_hostname, cl->port);
541 setup an outgoing connection. It's not
542 necessary to also open an udp socket as
543 well, because the other host will initiate
544 an authentication sequence during which
545 we will do just that.
547 int setup_outgoing_connection(ip_t ip)
551 ncn = new_conn_list();
553 ncn->real_hostname = hostlookup(htonl(ip));
555 if(setup_outgoing_meta_socket(ncn) < 0)
557 syslog(LOG_ERR, _("Could not set up a meta connection to %s"),
559 free_conn_element(ncn);
563 ncn->status.meta = 1;
564 ncn->status.outgoing = 1;
565 ncn->next = conn_list;
572 set up the local sockets (listen only)
574 int setup_myself(void)
578 myself = new_conn_list();
580 if(!(cfg = get_config_val(myvpnip)))
582 syslog(LOG_ERR, _("No value for my VPN IP given"));
586 myself->vpn_ip = cfg->data.ip->ip;
587 myself->vpn_hostname = hostlookup(htonl(myself->vpn_ip));
588 myself->real_hostname = hostlookup(htonl(myself->vpn_ip));
589 myself->vpn_mask = cfg->data.ip->mask;
592 if(!(cfg = get_config_val(listenport)))
595 myself->port = cfg->data.val;
597 if(cfg = get_config_val(indirectdata))
598 if(cfg->data.val == stupid_true)
599 myself->flags |= EXPORTINDIRECTDATA;
601 if((myself->meta_socket = setup_listen_meta_socket(myself->port)) < 0)
603 syslog(LOG_ERR, _("Unable to set up a listening socket"));
607 if((myself->socket = setup_vpn_in_socket(myself->port)) < 0)
609 syslog(LOG_ERR, _("Unable to set up an incoming vpn data socket"));
610 close(myself->meta_socket);
614 myself->status.active = 1;
616 syslog(LOG_NOTICE, _("Ready: listening on port %hd"), myself->port);
622 sigalrm_handler(int a)
626 cfg = get_next_config_val(upstreamip, upstreamindex++);
630 if(!setup_outgoing_connection(cfg->data.ip->ip)) /* function returns 0 when there are no problems */
632 signal(SIGALRM, SIG_IGN);
635 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
638 signal(SIGALRM, sigalrm_handler);
640 seconds_till_retry += 5;
641 if(seconds_till_retry > MAXTIMEOUT) /* Don't wait more than MAXTIMEOUT seconds. */
642 seconds_till_retry = MAXTIMEOUT;
643 syslog(LOG_ERR, _("Still failed to connect to other, will retry in %d seconds"),
645 alarm(seconds_till_retry);
650 setup all initial network connections
652 int setup_network_connections(void)
656 if((cfg = get_config_val(pingtimeout)) == NULL)
659 timeout = cfg->data.val;
661 if(setup_tap_fd() < 0)
664 if(setup_myself() < 0)
667 if((cfg = get_next_config_val(upstreamip, upstreamindex++)) == NULL)
668 /* No upstream IP given, we're listen only. */
673 if(!setup_outgoing_connection(cfg->data.ip->ip)) /* function returns 0 when there are no problems */
675 cfg = get_next_config_val(upstreamip, upstreamindex++); /* Or else we try the next ConnectTo line */
678 signal(SIGALRM, sigalrm_handler);
680 seconds_till_retry = MAXTIMEOUT;
681 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in %d seconds"), seconds_till_retry);
682 alarm(seconds_till_retry);
688 close all open network connections
690 void close_network_connections(void)
694 for(p = conn_list; p != NULL; p = p->next)
696 if(p->status.dataopen)
698 shutdown(p->socket, 0); /* No more receptions */
704 shutdown(p->meta_socket, 0); /* No more receptions */
705 close(p->meta_socket);
710 if(myself->status.active)
712 close(myself->meta_socket);
713 close(myself->socket);
719 syslog(LOG_NOTICE, _("Terminating"));
725 create a data (udp) socket
727 int setup_vpn_connection(conn_list_t *cl)
730 struct sockaddr_in a;
733 syslog(LOG_DEBUG, _("Opening UDP socket to %s"), cl->real_hostname);
735 nfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
738 syslog(LOG_ERR, _("Creating UDP socket failed: %m"));
742 a.sin_family = AF_INET;
743 a.sin_port = htons(cl->port);
744 a.sin_addr.s_addr = htonl(cl->real_ip);
746 if(connect(nfd, (struct sockaddr *)&a, sizeof(a)) == -1)
748 syslog(LOG_ERR, _("Connecting to %s port %d failed: %m"),
749 cl->real_hostname, cl->port);
753 flags = fcntl(nfd, F_GETFL);
754 if(fcntl(nfd, F_SETFL, flags | O_NONBLOCK) < 0)
756 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, nfd,
757 cl->vpn_hostname, cl->real_hostname);
762 cl->status.dataopen = 1;
768 handle an incoming tcp connect call and open
771 conn_list_t *create_new_connection(int sfd)
774 struct sockaddr_in ci;
775 int len = sizeof(ci);
779 if(getpeername(sfd, &ci, &len) < 0)
781 syslog(LOG_ERR, _("Error: getpeername: %m"));
785 p->real_ip = ntohl(ci.sin_addr.s_addr);
786 p->real_hostname = hostlookup(ci.sin_addr.s_addr);
787 p->meta_socket = sfd;
790 p->last_ping_time = time(NULL);
794 syslog(LOG_NOTICE, _("Connection from %s port %d"),
795 p->real_hostname, htons(ci.sin_port));
797 if(send_basic_info(p) < 0)
799 free_conn_element(p);
807 put all file descriptors in an fd_set array
809 void build_fdset(fd_set *fs)
815 for(p = conn_list; p != NULL; p = p->next)
818 FD_SET(p->meta_socket, fs);
819 if(p->status.dataopen)
820 FD_SET(p->socket, fs);
823 FD_SET(myself->meta_socket, fs);
824 FD_SET(myself->socket, fs);
830 receive incoming data from the listening
831 udp socket and write it to the ethertap
832 device after being decrypted
834 int handle_incoming_vpn_data(conn_list_t *cl)
838 int x, l = sizeof(x);
841 if(getsockopt(cl->socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
843 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->socket,
844 cl->vpn_hostname, cl->real_hostname);
849 syslog(LOG_ERR, _("Incoming data socket error for %s (%s): %s"),
850 cl->vpn_hostname, cl->real_hostname, sys_errlist[x]);
855 lenin = recvfrom(cl->socket, &rp, MTU, 0, NULL, NULL);
858 syslog(LOG_ERR, _("Receiving packet from %s (%s) failed: %m"), cl->vpn_hostname, cl->real_hostname);
861 total_socket_in += lenin;
863 rp.data.len = ntohs(rp.data.len);
864 rp.len = ntohs(rp.len);
865 rp.from = ntohl(rp.from);
869 f = lookup_conn(rp.from);
872 syslog(LOG_ERR, _("Got packet from %s (%s) with unknown origin %d.%d.%d.%d?"),
873 cl->vpn_hostname, cl->real_hostname, IP_ADDR_V(rp.from));
877 if(f->status.validkey)
881 add_queue(&(f->rq), &rp, rp.len);
882 if(!cl->status.waitingforkey)
883 send_key_request(rp.from);
886 if(my_key_expiry <= time(NULL))
894 terminate a connection and notify the other
895 end before closing the sockets
897 void terminate_connection(conn_list_t *cl)
902 if(cl->status.remove)
906 syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
907 cl->vpn_hostname, cl->real_hostname);
909 if(cl->status.timeout)
911 /* else if(!cl->status.termreq)
918 close(cl->meta_socket);
920 cl->status.remove = 1;
922 /* If this cl isn't active, don't send any DEL_HOSTs. */
923 if(cl->status.active)
924 notify_others(cl,NULL,send_del_host);
927 /* Find all connections that were lost because they were behind cl
928 (the connection that was dropped). */
930 for(p = conn_list; p != NULL; p = p->next)
932 if((p->nexthop == cl) && (p != cl))
934 if(cl->status.active && p->status.active)
935 notify_others(p,cl,send_del_host);
938 p->status.active = 0;
939 p->status.remove = 1;
943 cl->status.active = 0;
945 if(cl->status.outgoing)
947 signal(SIGALRM, sigalrm_handler);
948 seconds_till_retry = 5;
949 alarm(seconds_till_retry);
950 syslog(LOG_NOTICE, _("Trying to re-establish outgoing connection in 5 seconds"));
956 Check if the other end is active.
957 If we have sent packets, but didn't receive any,
958 then possibly the other end is dead. We send a
959 PING request over the meta connection. If the other
960 end does not reply in time, we consider them dead
961 and close the connection.
963 int check_dead_connections(void)
969 for(p = conn_list; p != NULL; p = p->next)
973 if(p->status.active && p->status.meta)
975 if(p->last_ping_time + timeout < now)
977 if(p->status.pinged && !p->status.got_pong)
980 syslog(LOG_INFO, _("%s (%s) didn't respond to PING"),
981 p->vpn_hostname, p->real_hostname);
982 p->status.timeout = 1;
983 terminate_connection(p);
985 else if(p->want_ping)
988 p->last_ping_time = now;
989 p->status.pinged = 1;
990 p->status.got_pong = 0;
1000 accept a new tcp connect and create a
1003 int handle_new_meta_connection(conn_list_t *cl)
1006 struct sockaddr client;
1007 int nfd, len = sizeof(client);
1009 if((nfd = accept(cl->meta_socket, &client, &len)) < 0)
1011 syslog(LOG_ERR, _("Accepting a new connection failed: %m"));
1015 if(!(ncn = create_new_connection(nfd)))
1019 syslog(LOG_NOTICE, _("Closed attempted connection"));
1023 ncn->status.meta = 1;
1024 ncn->next = conn_list;
1031 dispatch any incoming meta requests
1033 int handle_incoming_meta_data(conn_list_t *cl)
1035 int x, l = sizeof(x);
1036 int request, oldlen, i;
1039 if(getsockopt(cl->meta_socket, SOL_SOCKET, SO_ERROR, &x, &l) < 0)
1041 syslog(LOG_ERR, _("This is a bug: %s:%d: %d:%m %s (%s)"), __FILE__, __LINE__, cl->meta_socket,
1042 cl->vpn_hostname, cl->real_hostname);
1047 syslog(LOG_ERR, _("Metadata socket error for %s (%s): %s"),
1048 cl->vpn_hostname, cl->real_hostname, sys_errlist[x]);
1052 if(cl->buflen >= MAXBUFSIZE)
1054 syslog(LOG_ERR, _("Metadata read buffer overflow!"));
1058 lenin = read(cl->meta_socket, cl->buffer, MAXBUFSIZE-cl->buflen);
1066 syslog(LOG_NOTICE, _("Connection closed by %s (%s)"),
1067 cl->vpn_hostname, cl->real_hostname);
1069 syslog(LOG_ERR, _("Metadata socket read error for %s (%s): %m"),
1070 cl->vpn_hostname, cl->real_hostname);
1074 oldlen = cl->buflen;
1075 cl->buflen += lenin;
1081 for(i = oldlen; i < cl->buflen; i++)
1083 if(cl->buffer[i] == '\n')
1085 cl->buffer[i] = 0; /* replace end-of-line by end-of-string so we can use sscanf */
1094 syslog(LOG_DEBUG, _("Got request from %s (%s): %s"),
1095 cl->vpn_hostname, cl->real_hostname, cl->buffer);
1096 if(sscanf(cl->buffer, "%d", &request) == 1)
1098 if((request < 0) || (request > 255) || (request_handlers[request] == NULL))
1100 syslog(LOG_ERR, _("Unknown request from %s (%s)"),
1101 cl->vpn_hostname, cl->real_hostname);
1105 if(request_handlers[request](cl)) /* Something went wrong. Probably scriptkiddies. Terminate. */
1107 syslog(LOG_ERR, _("Error while processing request from %s (%s)"),
1108 cl->vpn_hostname, cl->real_hostname);
1114 syslog(LOG_ERR, _("Bogus data received from %s (%s)"),
1115 cl->vpn_hostname, cl->real_hostname);
1119 cl->buflen -= cl->reqlen;
1120 memmove(cl->buffer, cl->buffer + cl->reqlen, cl->buflen);
1129 cl->last_ping_time = time(NULL);
1136 check all connections to see if anything
1137 happened on their sockets
1139 void check_network_activity(fd_set *f)
1142 int x, l = sizeof(x);
1144 for(p = conn_list; p != NULL; p = p->next)
1146 if(p->status.remove)
1149 if(p->status.dataopen)
1150 if(FD_ISSET(p->socket, f))
1153 The only thing that can happen to get us here is apparently an
1154 error on this outgoing(!) UDP socket that isn't immediate (i.e.
1155 something that will not trigger an error directly on send()).
1156 I've once got here when it said `No route to host'.
1158 getsockopt(p->socket, SOL_SOCKET, SO_ERROR, &x, &l);
1159 syslog(LOG_ERR, _("Outgoing data socket error for %s (%s): %s"),
1160 p->vpn_hostname, p->real_hostname, sys_errlist[x]);
1161 terminate_connection(p);
1166 if(FD_ISSET(p->meta_socket, f))
1167 if(handle_incoming_meta_data(p) < 0)
1169 terminate_connection(p);
1174 if(FD_ISSET(myself->socket, f))
1175 handle_incoming_vpn_data(myself);
1177 if(FD_ISSET(myself->meta_socket, f))
1178 handle_new_meta_connection(myself);
1183 read, encrypt and send data that is
1184 available through the ethertap device
1186 void handle_tap_input(void)
1190 int ether_type, lenin;
1192 memset(&vp, 0, sizeof(vp));
1193 if((lenin = read(tap_fd, &vp, MTU)) <= 0)
1195 syslog(LOG_ERR, _("Error while reading from tapdevice: %m"));
1199 total_tap_in += lenin;
1201 ether_type = ntohs(*((unsigned short*)(&vp.data[12])));
1202 if(ether_type != 0x0800)
1205 syslog(LOG_INFO, _("Non-IP ethernet frame %04x from " MAC_ADDR_S),
1206 ether_type, MAC_ADDR_V(vp.data[6]));
1213 syslog(LOG_INFO, _("Dropping short packet"));
1217 from = ntohl(*((unsigned long*)(&vp.data[26])));
1218 to = ntohl(*((unsigned long*)(&vp.data[30])));
1220 vp.len = (length_t)lenin - 2;
1222 strip_mac_addresses(&vp);
1224 send_packet(to, &vp);
1229 this is where it all happens...
1231 void main_loop(void)
1236 time_t last_ping_check;
1238 last_ping_check = time(NULL);
1242 tv.tv_sec = timeout;
1248 if((r = select(FD_SETSIZE, &fset, NULL, NULL, &tv)) < 0)
1250 if(errno != EINTR) /* because of alarm */
1252 syslog(LOG_ERR, _("Error while waiting for input: %m"));
1260 close_network_connections();
1262 if(read_config_file(configfilename))
1264 syslog(LOG_ERR, _("Unable to reread configuration file, exiting"));
1268 setup_network_connections();
1272 if(last_ping_check + timeout < time(NULL))
1273 /* Let's check if everybody is still alive */
1275 check_dead_connections();
1276 last_ping_check = time(NULL);
1281 check_network_activity(&fset);
1283 /* local tap data */
1284 if(FD_ISSET(tap_fd, &fset))