int keylifetime = 0;
int keyexpires = 0;
-EVP_CIPHER_CTX packet_ctx;
static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999_MEM_COMPRESS : LZO1X_1_MEM_COMPRESS];
static void send_udppacket(node_t *, vpn_packet_t *);
n->mtuprobes++;
n->mtuevent = NULL;
+ if(!n->status.reachable) {
+ logger(LOG_DEBUG, _("Trying to send MTU probe to unreachable node %s (%s)"), n->name, n->hostname);
+ return;
+ }
+
if(n->mtuprobes >= 10 && !n->minmtu) {
ifdebug(TRAFFIC) logger(LOG_INFO, _("No response to MTU probes from %s (%s)"), n->name, n->hostname);
return;
event_add(n->mtuevent);
}
-void mtu_probe_h(node_t *n, vpn_packet_t *packet) {
+void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
ifdebug(TRAFFIC) logger(LOG_INFO, _("Got MTU probe length %d from %s (%s)"), packet->len, n->name, n->hostname);
if(!packet->data[0]) {
packet->data[0] = 1;
send_packet(n, packet);
} else {
- if(n->minmtu < packet->len)
- n->minmtu = packet->len;
+ if(n->minmtu < len)
+ n->minmtu = len;
}
}
/* Decompress the packet */
+ length_t origlen = inpkt->len;
+
if(n->incompression) {
outpkt = pkt[nextpkt++];
}
inpkt = outpkt;
+
+ origlen -= MTU/64 + 20;
}
inpkt->priority = 0;
n->connection->last_ping_time = now;
if(!inpkt->data[12] && !inpkt->data[13])
- mtu_probe_h(n, inpkt);
+ mtu_probe_h(n, inpkt, origlen);
else
receive_packet(n, inpkt);
}
cp();
+ if(!n->status.reachable) {
+ ifdebug(TRAFFIC) logger(LOG_INFO, _("Trying to send UDP packet to unreachable node %s (%s)"), n->name, n->hostname);
+ return;
+ }
+
/* Make sure we have a valid key */
if(!n->status.validkey) {
return;
}
- if(!n->minmtu && (inpkt->data[12] | inpkt->data[13])) {
+ if(n->options & OPTION_PMTU_DISCOVERY && !n->minmtu && (inpkt->data[12] | inpkt->data[13])) {
ifdebug(TRAFFIC) logger(LOG_INFO,
_("No minimum MTU established yet for %s (%s), forwarding via TCP"),
n->name, n->hostname);
ifdebug(TRAFFIC) logger(LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"),
packet->len, from->name, from->hostname);
- if(from != myself)
+ if(from != myself) {
send_packet(myself, packet);
+ // In TunnelServer mode, do not forward broadcast packets.
+ // The MST might not be valid and create loops.
+ if(tunnelserver)
+ return;
+ }
+
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
if(pkt.len < 0) {
- logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno));
+ if(errno != EAGAIN && errno != EINTR)
+ logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno));
return;
}
n = try_harder(&from, &pkt);
if(n)
update_node_udp(n, &from);
- else {
+ else ifdebug(PROTOCOL) {
hostname = sockaddr2hostname(&from);
logger(LOG_WARNING, _("Received UDP packet from unknown source %s"), hostname);
free(hostname);
return;
}
+ else
+ return;
}
receive_udppacket(n, &pkt);