- Use ping timeout mechanism to close connections that don't authenticate
index 7a2a8e7..e96ae51 100644 (file)
--- a/src/net.c
+++ b/src/net.c
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
-    $Id: net.c,v 1.35.4.131 2001/09/24 14:12:00 guus Exp $
+    $Id: net.c,v 1.35.4.136 2001/10/08 13:37:30 guus Exp $
 */
 
 #include "config.h"
@@ -230,7 +230,7 @@ cp
 */
 void send_packet(connection_t *cl, vpn_packet_t *packet)
 {
-  connection_t *hop;
+  connection_t *via;
 cp
   if(debug_lvl >= DEBUG_TRAFFIC)
     syslog(LOG_ERR, _("Sending packet of %d bytes to %s (%s)"),
@@ -255,28 +255,22 @@ cp
       return;
     }
 
-  if(myself->options & OPTION_TCPONLY)
-    {
-      if(send_tcppacket(cl->nexthop, packet))
-        terminate_connection(cl->nexthop, 1);
-    }
+  if(cl->via == myself)
+    via = cl->nexthop;
   else
-    {
-      if(myself->options & OPTION_INDIRECT)
-        send_udppacket(cl->nexthop, packet);
-      else
-        {
-          hop = cl;
+    via = cl->via;
 
-          while(hop->options & OPTION_INDIRECT)
-            if(hop->lastbutonehop == myself)
-              break;
-            else
-              hop = hop->lastbutonehop;
+  if(via != cl && debug_lvl >= DEBUG_TRAFFIC)
+    syslog(LOG_ERR, _("Sending packet to %s via %s (%s)"),
+           cl->name, via->name, via->hostname);
 
-          send_udppacket(hop, packet);
-        }
+  if((myself->options | via->options) & OPTION_TCPONLY)
+    {
+      if(send_tcppacket(via, packet))
+        terminate_connection(via, 1);
     }
+  else
+    send_udppacket(via, packet);
 }
 
 /* Broadcast a packet to all active direct connections */
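Review bot: `via` is dereferenced unconditionally in the new code (`via->name`, `via->hostname`, `via->options`), but nothing in this hunk shows that `cl->via` and `cl->nexthop` are non-NULL for every connection that reaches send_packet(). The only initialisation visible in this commit is for `myself`, so if a connection_t can be looked up before its routing fields are filled in, a single routed packet would crash the daemon. A guard right after the selection, `if(!via) return;` preceded by a syslog line, would turn that into a dropped packet. send_packet() starts before this hunk, so an earlier check may already cover it.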
@@ -976,6 +970,9 @@ cp
 cp
   /* Done */
 
+  myself->nexthop = myself;
+  myself->prevhop = myself;
+  myself->via = myself;
   myself->status.active = 1;
   id_add(myself);
 
@@ -1003,7 +1000,7 @@ cp
     {
       if(setup_outgoing_connection(cfg->data.ptr))   /* function returns 0 when there are no problems */
         retry = 1;
-      cfg = get_config_val(cfg, config_connectto); /* Or else we try the next ConnectTo line */
+      cfg = get_config_val(cfg->next, config_connectto); /* Or else we try the next ConnectTo line */
     }
 
   if(retry)
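Review bot: The new call passes `cfg->next` straight into get_config_val(), so on the last ConnectTo entry the argument is presumably NULL. That is safe only if get_config_val() accepts a NULL list position and returns NULL, which is not visible here and is worth confirming. If it does, a short comment such as `/* cfg->next may be NULL; get_config_val() then returns NULL and ends the loop */` would document the termination condition. The loop header is outside this hunk.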
@@ -1287,17 +1284,18 @@ cp
 void check_dead_connections(void)
 {
   time_t now;
-  avl_node_t *node;
+  avl_node_t *node, *next;
   connection_t *cl;
 cp
   now = time(NULL);
 
-  for(node = connection_tree->head; node; node = node->next)
+  for(node = connection_tree->head; node; node = next)
     {
+      next = node->next;
       cl = (connection_t *)node->data;
-      if(cl->status.active)
+      if(cl->last_ping_time + timeout < now)
         {
-          if(cl->last_ping_time + timeout < now)
+          if(cl->status.active)
             {
               if(cl->status.pinged)
                 {
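Review bot: Fetching `next` before the body keeps the walk safe only if terminate_connection() removes nothing but `cl` from connection_tree. If it can also tear down other entries, for example connections that were reached through `cl`, the saved `next` may itself be freed before the loop advances, leaving a dangling node pointer. That behaviour is not visible in this diff, so it should be confirmed, and the assumption recorded next to the assignment, e.g. `/* terminate_connection() may delete this node (and only this node), so fetch the successor first */`. check_dead_connections() continues past the end of this hunk.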
@@ -1312,6 +1310,13 @@ cp
                   send_ping(cl);
                 }
             }
+          else
+            {
+              if(debug_lvl >= DEBUG_CONNECTIONS)
+                syslog(LOG_WARNING, _("Timeout from %s (%s) during authentication"),
+                       cl->name, cl->hostname);
+              terminate_connection(cl, 0);
+            }
         }
     }
 cp
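Review bot: The new `else` branch closes unauthenticated connections only when `cl->last_ping_time + timeout < now`, so it depends on `last_ping_time` being stamped when a connection is accepted or opened, not just when it becomes active. That initialisation is not part of this diff. If the field starts at zero, pending connections are dropped on the first sweep; if it is left unset, a peer that never authenticates may hold its socket indefinitely. The message is also emitted only at `DEBUG_CONNECTIONS`, so at default verbosity repeated authentication timeouts from one address leave no log trail; consider logging it unconditionally. The enclosing function starts in the previous hunk.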
@@ -1370,7 +1375,7 @@ cp
       if(FD_ISSET(p->meta_socket, f))
        if(receive_meta(p) < 0)
          {
-           terminate_connection(p, p->status.meta);
+           terminate_connection(p, p->status.active);
            return;
          }
     }
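Review bot: The second argument to terminate_connection() changes from `p->status.meta` to `p->status.active` with no comment, and elsewhere in this commit it is passed as a bare `0` or `1`. From the call sites it looks like a "report this to the rest of the network" flag, but that is an inference. A one-line comment here would make the intent reviewable, e.g. `/* only announce the loss if the peer had completed authentication */`. The surrounding function begins and ends outside this hunk.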