When no session key is known for a node, or when it is doing PMTU discovery but
no MTU probes have returned yet, packets are sent via TCP. Some logic is added
to make sure intermediate nodes continue forwarding via TCP. The per-node
packet queue is now no longer necessary and has been removed.
/* check input from kernel */
if(FD_ISSET(device_fd, readset)) {
/* check input from kernel */
if(FD_ISSET(device_fd, readset)) {
- if(read_packet(&packet))
+ if(read_packet(&packet)) {
+ packet.priority = 0;
}
/* check meta connections */
}
/* check meta connections */
#define MAXSOCKETS 128 /* Overkill... */
#define MAXSOCKETS 128 /* Overkill... */
-#define MAXQUEUELENGTH 8 /* Maximum number of packats in a single queue */
-
typedef struct mac_t {
uint8_t x[6];
} mac_t;
typedef struct mac_t {
uint8_t x[6];
} mac_t;
memset(packet.data, 0, 14);
RAND_pseudo_bytes(packet.data + 14, len - 14);
packet.len = len;
memset(packet.data, 0, 14);
RAND_pseudo_bytes(packet.data + 14, len - 14);
packet.len = len;
ifdebug(TRAFFIC) logger(LOG_INFO, _("Sending MTU probe length %d to %s (%s)"), len, n->name, n->hostname);
ifdebug(TRAFFIC) logger(LOG_INFO, _("Sending MTU probe length %d to %s (%s)"), len, n->name, n->hostname);
if(n->connection)
n->connection->last_ping_time = now;
if(n->connection)
n->connection->last_ping_time = now;
+ if(c->options & OPTION_TCPONLY)
+ outpkt.priority = 0;
+ else
+ outpkt.priority = -1;
memcpy(outpkt.data, buffer, len);
receive_packet(c->node, &outpkt);
memcpy(outpkt.data, buffer, len);
receive_packet(c->node, &outpkt);
vpn_packet_t *outpkt;
int origlen;
int outlen, outpad;
vpn_packet_t *outpkt;
int origlen;
int outlen, outpad;
static int priority = 0;
int origpriority;
int sock;
static int priority = 0;
int origpriority;
int sock;
if(!n->status.validkey) {
ifdebug(TRAFFIC) logger(LOG_INFO,
if(!n->status.validkey) {
ifdebug(TRAFFIC) logger(LOG_INFO,
- _("No valid key known yet for %s (%s), queueing packet"),
+ _("No valid key known yet for %s (%s), forwarding via TCP"),
- /* Since packet is on the stack of handle_tap_input(), we have to make a copy of it first. */
-
- *(copy = xmalloc(sizeof(*copy))) = *inpkt;
-
- list_insert_tail(n->queue, copy);
-
- if(n->queue->count > MAXQUEUELENGTH)
- list_delete_head(n->queue);
-
if(!n->status.waitingforkey)
send_req_key(n->nexthop->connection, myself, n);
n->status.waitingforkey = true;
if(!n->status.waitingforkey)
send_req_key(n->nexthop->connection, myself, n);
n->status.waitingforkey = true;
+ send_tcppacket(n->nexthop->connection, origpkt);
+
+ if(!n->minmtu && (inpkt->data[12] | inpkt->data[13])) {
+ ifdebug(TRAFFIC) logger(LOG_INFO,
+ _("No minimum MTU established yet for %s (%s), forwarding via TCP"),
+ n->name, n->hostname);
+
+ send_tcppacket(n->nexthop->connection, origpkt);
+ }
+
origlen = inpkt->len;
origpriority = inpkt->priority;
origlen = inpkt->len;
origpriority = inpkt->priority;
- via = (n->via == myself) ? n->nexthop : n->via;
+ via = (packet->priority == -1 || n->via == myself) ? n->nexthop : n->via;
- ifdebug(TRAFFIC) logger(LOG_ERR, _("Sending packet to %s via %s (%s)"),
+ ifdebug(TRAFFIC) logger(LOG_INFO, _("Sending packet to %s via %s (%s)"),
n->name, via->name, n->via->hostname);
n->name, via->name, n->via->hostname);
- if((myself->options | via->options) & OPTION_TCPONLY) {
+ if(packet->priority == -1 || ((myself->options | via->options) & OPTION_TCPONLY)) {
if(!send_tcppacket(via->connection, packet))
terminate_connection(via->connection, true);
} else
if(!send_tcppacket(via->connection, packet))
terminate_connection(via->connection, true);
} else
-void flush_queue(node_t *n)
-{
- list_node_t *node, *next;
-
- cp();
-
- ifdebug(TRAFFIC) logger(LOG_INFO, _("Flushing queue for %s (%s)"), n->name, n->hostname);
-
- for(node = n->queue->head; node; node = next) {
- next = node->next;
- send_udppacket(n, node->data);
- list_delete_node(n->queue, node);
- }
-}
-
void handle_incoming_vpn_data(int sock)
{
vpn_packet_t pkt;
void handle_incoming_vpn_data(int sock)
{
vpn_packet_t pkt;
n->subnet_tree = new_subnet_tree();
n->edge_tree = new_edge_tree();
n->subnet_tree = new_subnet_tree();
n->edge_tree = new_edge_tree();
- n->queue = list_alloc((list_action_t) free);
EVP_CIPHER_CTX_init(&n->packet_ctx);
n->mtu = MTU;
n->maxmtu = MTU;
EVP_CIPHER_CTX_init(&n->packet_ctx);
n->mtu = MTU;
n->maxmtu = MTU;
- if(n->queue)
- list_delete_list(n->queue);
-
int compression; /* Compressionlevel, 0 = no compression */
int compression; /* Compressionlevel, 0 = no compression */
- list_t *queue; /* Queue for packets awaiting to be encrypted */
-
struct node_t *nexthop; /* nearest node from us to him */
struct node_t *via; /* next hop for UDP packets */
struct node_t *nexthop; /* nearest node from us to him */
struct node_t *via; /* next hop for UDP packets */
if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes)
send_mtu_probe(from);
if(from->options & OPTION_PMTU_DISCOVERY && !from->mtuprobes)
send_mtu_probe(from);
if(!checklength(source, packet, ether_size + ip_size))
return;
if(!checklength(source, packet, ether_size + ip_size))
return;
- if(((packet->data[30] & 0xf0) == 0xe0) ||
+ if(((packet->data[30] & 0xf0) == 0xe0) || (
packet->data[30] == 255 &&
packet->data[31] == 255 &&
packet->data[32] == 255 &&
packet->data[30] == 255 &&
packet->data[31] == 255 &&
packet->data[32] == 255 &&
- packet->data[33] == 255)
+ packet->data[33] == 255))
broadcast_packet(source, packet);
else
route_ipv4_unicast(source, packet);
broadcast_packet(source, packet);
else
route_ipv4_unicast(source, packet);
if (logfilename) free(logfilename);
if (myport) free(myport);
if (device) free(device);
if (logfilename) free(logfilename);
if (myport) free(myport);
if (device) free(device);
+ if (iface) free(iface);
if (confbase) free(confbase);
EVP_cleanup();
if (confbase) free(confbase);
EVP_cleanup();