X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Fnet_packet.c;h=30ad3e504c3cf56c68650d9897c2c4551230db28;hb=b3b89e46b1b84fa6cf1726fabe9e9c7bb0d3d831;hp=67ebc223624931baecd4f7fa44761ce1105839f5;hpb=ee1d655f2f1ede6da66b6268974d6f9585c616b3;p=meshlink diff --git a/src/net_packet.c b/src/net_packet.c index 67ebc223..30ad3e50 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -1,7 +1,7 @@ /* net_packet.c -- Handles in- and outgoing VPN packets Copyright (C) 1998-2005 Ivo Timmermans, - 2000-2012 Guus Sliepen + 2000-2013 Guus Sliepen 2010 Timothy Redaelli 2010 Brandon Black @@ -22,12 +22,6 @@ #include "system.h" -#include -#include -#include -#include -#include - #ifdef HAVE_ZLIB #include #endif @@ -41,14 +35,12 @@ #include "connection.h" #include "crypto.h" #include "digest.h" -#include "device.h" #include "ethernet.h" #include "graph.h" #include "logger.h" #include "net.h" #include "netutl.h" #include "protocol.h" -#include "process.h" #include "route.h" #include "utils.h" #include "xalloc.h" @@ -62,6 +54,7 @@ static void send_udppacket(node_t *, vpn_packet_t *); unsigned replaywin = 16; bool localdiscovery = false; +sockaddr_t localdiscovery_address; #define MAX_SEQNO 1073741824 @@ -70,14 +63,18 @@ bool localdiscovery = false; mtuprobes == 32: send 1 burst, sleep pingtimeout second mtuprobes == 33: no response from other side, restart PMTU discovery process - Probes are sent in batches of three, with random sizes between the lower and - upper boundaries for the MTU thus far discovered. + Probes are sent in batches of at least three, with random sizes between the + lower and upper boundaries for the MTU thus far discovered. + + After the initial discovery, a fourth packet is added to each batch with a + size larger than the currently known PMTU, to test if the PMTU has increased. - In case local discovery is enabled, a fourth packet is added to each batch, + In case local discovery is enabled, another packet is added to each batch, which will be broadcast to the local network. + */ -static void send_mtu_probe_handler(int fd, short events, void *data) { +static void send_mtu_probe_handler(void *data) { node_t *n = data; int timeout = 1; @@ -125,13 +122,18 @@ static void send_mtu_probe_handler(int fd, short events, void *data) { timeout = pingtimeout; } - for(int i = 0; i < 3 + localdiscovery; i++) { + for(int i = 0; i < 4 + localdiscovery; i++) { int len; - if(n->maxmtu <= n->minmtu) + if(i == 0) { + if(n->mtuprobes < 30 || n->maxmtu + 8 >= MTU) + continue; + len = n->maxmtu + 8; + } else if(n->maxmtu <= n->minmtu) { len = n->maxmtu; - else + } else { len = n->minmtu + 1 + rand() % (n->maxmtu - n->minmtu); + } if(len < 64) len = 64; @@ -140,46 +142,136 @@ static void send_mtu_probe_handler(int fd, short events, void *data) { memset(packet.data, 0, 14); randomize(packet.data + 14, len - 14); packet.len = len; - if(i >= 3 && n->mtuprobes <= 10) - packet.priority = -1; - else - packet.priority = 0; + packet.priority = 0; + n->status.broadcast = i >= 4 && n->mtuprobes <= 10 && n->prevedge; logger(DEBUG_TRAFFIC, LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname); send_udppacket(n, &packet); } + n->status.broadcast = false; + n->probe_counter = 0; + gettimeofday(&n->probe_time, NULL); + + /* Calculate the packet loss of incoming traffic by comparing the rate of + packets received to the rate with which the sequence number has increased. + */ + + if(n->received > n->prev_received) + n->packetloss = 1.0 - (n->received - n->prev_received) / (float)(n->received_seqno - n->prev_received_seqno); + else + n->packetloss = n->received_seqno <= n->prev_received_seqno; + + n->prev_received_seqno = n->received_seqno; + n->prev_received = n->received; + end: - event_add(&n->mtuevent, &(struct timeval){timeout, 0}); + timeout_set(&n->mtutimeout, &(struct timeval){timeout, rand() % 100000}); } void send_mtu_probe(node_t *n) { - if(!timeout_initialized(&n->mtuevent)) - timeout_set(&n->mtuevent, send_mtu_probe_handler, n); - send_mtu_probe_handler(0, 0, n); + timeout_add(&n->mtutimeout, send_mtu_probe_handler, n, &(struct timeval){1, 0}); + send_mtu_probe_handler(n); } static void mtu_probe_h(node_t *n, vpn_packet_t *packet, length_t len) { - logger(DEBUG_TRAFFIC, LOG_INFO, "Got MTU probe length %d from %s (%s)", packet->len, n->name, n->hostname); - if(!packet->data[0]) { - packet->data[0] = 1; + logger(DEBUG_TRAFFIC, LOG_INFO, "Got MTU probe request %d from %s (%s)", packet->len, n->name, n->hostname); + + /* It's a probe request, send back a reply */ + + /* Type 2 probe replies were introduced in protocol 17.3 */ + if ((n->options >> 24) == 3) { + uint8_t* data = packet->data; + *data++ = 2; + uint16_t len16 = htons(len); memcpy(data, &len16, 2); data += 2; + struct timeval now; + gettimeofday(&now, NULL); + uint32_t sec = htonl(now.tv_sec); memcpy(data, &sec, 4); data += 4; + uint32_t usec = htonl(now.tv_usec); memcpy(data, &usec, 4); data += 4; + packet->len = data - packet->data; + } else { + /* Legacy protocol: n won't understand type 2 probe replies. */ + packet->data[0] = 1; + } + + /* Temporarily set udp_confirmed, so that the reply is sent + back exactly the way it came in. */ + + bool udp_confirmed = n->status.udp_confirmed; + n->status.udp_confirmed = true; send_udppacket(n, packet); + n->status.udp_confirmed = udp_confirmed; } else { + length_t probelen = len; + if (packet->data[0] == 2) { + if (len < 3) + logger(DEBUG_TRAFFIC, LOG_WARNING, "Received invalid (too short) MTU probe reply from %s (%s)", n->name, n->hostname); + else { + uint16_t probelen16; memcpy(&probelen16, packet->data + 1, 2); probelen = ntohs(probelen16); + } + } + logger(DEBUG_TRAFFIC, LOG_INFO, "Got type %d MTU probe reply %d from %s (%s)", packet->data[0], probelen, n->name, n->hostname); + + /* It's a valid reply: now we know bidirectional communication + is possible using the address and socket that the reply + packet used. */ + n->status.udp_confirmed = true; + /* If we haven't established the PMTU yet, restart the discovery process. */ + if(n->mtuprobes > 30) { + if (probelen == n->maxmtu + 8) { + logger(DEBUG_TRAFFIC, LOG_INFO, "Increase in PMTU to %s (%s) detected, restarting PMTU discovery", n->name, n->hostname); + n->maxmtu = MTU; + n->mtuprobes = 10; + return; + } + if(n->minmtu) n->mtuprobes = 30; else n->mtuprobes = 1; } - if(len > n->maxmtu) - len = n->maxmtu; - if(n->minmtu < len) - n->minmtu = len; + /* If applicable, raise the minimum supported MTU */ + + if(probelen > n->maxmtu) + probelen = n->maxmtu; + if(n->minmtu < probelen) + n->minmtu = probelen; + + /* Calculate RTT and bandwidth. + The RTT is the time between the MTU probe burst was sent and the first + reply is received. The bandwidth is measured using the time between the + arrival of the first and third probe reply (or type 2 probe requests). + */ + + struct timeval now, diff; + gettimeofday(&now, NULL); + timersub(&now, &n->probe_time, &diff); + + struct timeval probe_timestamp = now; + if (packet->data[0] == 2 && packet->len >= 11) { + uint32_t sec; memcpy(&sec, packet->data + 3, 4); + uint32_t usec; memcpy(&usec, packet->data + 7, 4); + probe_timestamp.tv_sec = ntohl(sec); + probe_timestamp.tv_usec = ntohl(usec); + } + + n->probe_counter++; + + if(n->probe_counter == 1) { + n->rtt = diff.tv_sec + diff.tv_usec * 1e-6; + n->probe_time = probe_timestamp; + } else if(n->probe_counter == 3) { + struct timeval probe_timestamp_diff; + timersub(&probe_timestamp, &n->probe_time, &probe_timestamp_diff); + n->bandwidth = 2.0 * probelen / (probe_timestamp_diff.tv_sec + probe_timestamp_diff.tv_usec * 1e-6); + logger(DEBUG_TRAFFIC, LOG_DEBUG, "%s (%s) RTT %.2f ms, burst bandwidth %.3f Mbit/s, rx packet loss %.2f %%", n->name, n->hostname, n->rtt * 1e3, n->bandwidth * 8e-6, n->packetloss * 1e2); + } } } @@ -258,10 +350,10 @@ static bool try_mac(node_t *n, const vpn_packet_t *inpkt) { if(n->status.sptps) return sptps_verify_datagram(&n->sptps, (char *)&inpkt->seqno, inpkt->len); - if(!digest_active(&n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest)) + if(!digest_active(n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) return false; - return digest_verify(&n->indigest, &inpkt->seqno, inpkt->len - n->indigest.maclength, (const char *)&inpkt->seqno + inpkt->len - n->indigest.maclength); + return digest_verify(n->indigest, &inpkt->seqno, inpkt->len - digest_length(n->indigest), (const char *)&inpkt->seqno + inpkt->len - digest_length(n->indigest)); } static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { @@ -272,19 +364,27 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { size_t outlen; if(n->status.sptps) { + if(!n->sptps.state) { + if(!n->status.waitingforkey) { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but we haven't exchanged keys yet", n->name, n->hostname); + send_req_key(n); + } else { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); + } + return; + } sptps_receive_data(&n->sptps, (char *)&inpkt->seqno, inpkt->len); return; } - if(!cipher_active(&n->incipher)) { - logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", - n->name, n->hostname); + if(!cipher_active(n->incipher)) { + logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got packet from %s (%s) but he hasn't got our key yet", n->name, n->hostname); return; } /* Check packet length */ - if(inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest)) { + if(inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got too short packet from %s (%s)", n->name, n->hostname); return; @@ -292,20 +392,20 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { /* Check the message authentication code */ - if(digest_active(&n->indigest)) { - inpkt->len -= n->indigest.maclength; - if(!digest_verify(&n->indigest, &inpkt->seqno, inpkt->len, (const char *)&inpkt->seqno + inpkt->len)) { + if(digest_active(n->indigest)) { + inpkt->len -= digest_length(n->indigest); + if(!digest_verify(n->indigest, &inpkt->seqno, inpkt->len, (const char *)&inpkt->seqno + inpkt->len)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Got unauthenticated packet from %s (%s)", n->name, n->hostname); return; } } /* Decrypt the packet */ - if(cipher_active(&n->incipher)) { + if(cipher_active(n->incipher)) { outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_decrypt(&n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_decrypt(n->incipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_DEBUG, "Error decrypting packet from %s (%s)", n->name, n->hostname); return; } @@ -349,6 +449,8 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { if(inpkt->seqno > n->received_seqno) n->received_seqno = inpkt->seqno; + n->received++; + if(n->received_seqno > MAX_SEQNO) regenerate_key(); @@ -381,6 +483,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) { void receive_tcppacket(connection_t *c, const char *buffer, int len) { vpn_packet_t outpkt; + if(len > sizeof outpkt.data) + return; + outpkt.len = len; if(c->options & OPTION_TCPONLY) outpkt.priority = 0; @@ -396,7 +501,7 @@ static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { logger(DEBUG_TRAFFIC, LOG_INFO, "No valid key known yet for %s (%s)", n->name, n->hostname); if(!n->status.waitingforkey) send_req_key(n); - else if(n->last_req_key + 10 < time(NULL)) { + else if(n->last_req_key + 10 < now.tv_sec) { logger(DEBUG_ALWAYS, LOG_DEBUG, "No key from %s after 10 seconds, restarting SPTPS", n->name); sptps_stop(&n->sptps); n->status.waitingforkey = false; @@ -438,6 +543,94 @@ static void send_sptps_packet(node_t *n, vpn_packet_t *origpkt) { return; } +static void choose_udp_address(const node_t *n, const sockaddr_t **sa, int *sock) { + /* Latest guess */ + *sa = &n->address; + *sock = n->sock; + + /* If the UDP address is confirmed, use it. */ + if(n->status.udp_confirmed) + return; + + /* Send every third packet to n->address; that could be set + to the node's reflexive UDP address discovered during key + exchange. */ + + static int x = 0; + if(++x >= 3) { + x = 0; + return; + } + + /* Otherwise, address are found in edges to this node. + So we pick a random edge and a random socket. */ + + int i = 0; + int j = rand() % n->edge_tree->count; + edge_t *candidate = NULL; + + for splay_each(edge_t, e, n->edge_tree) { + if(i++ == j) { + candidate = e->reverse; + break; + } + } + + if(candidate) { + *sa = &candidate->address; + *sock = rand() % listen_sockets; + } + + /* Make sure we have a suitable socket for the chosen address */ + if(listen_socket[*sock].sa.sa.sa_family != (*sa)->sa.sa_family) { + for(int i = 0; i < listen_sockets; i++) { + if(listen_socket[i].sa.sa.sa_family == (*sa)->sa.sa_family) { + *sock = i; + break; + } + } + } +} + +static void choose_broadcast_address(const node_t *n, const sockaddr_t **sa, int *sock) { + static sockaddr_t broadcast_ipv4 = { + .in = { + .sin_family = AF_INET, + .sin_addr.s_addr = -1, + } + }; + + static sockaddr_t broadcast_ipv6 = { + .in6 = { + .sin6_family = AF_INET6, + .sin6_addr.s6_addr[0x0] = 0xff, + .sin6_addr.s6_addr[0x1] = 0x02, + .sin6_addr.s6_addr[0xf] = 0x01, + } + }; + + *sock = rand() % listen_sockets; + + if(listen_socket[*sock].sa.sa.sa_family == AF_INET6) { + if(localdiscovery_address.sa.sa_family == AF_INET6) { + localdiscovery_address.in6.sin6_port = n->prevedge->address.in.sin_port; + *sa = &localdiscovery_address; + } else { + broadcast_ipv6.in6.sin6_port = n->prevedge->address.in.sin_port; + broadcast_ipv6.in6.sin6_scope_id = listen_socket[*sock].sa.in6.sin6_scope_id; + *sa = &broadcast_ipv6; + } + } else { + if(localdiscovery_address.sa.sa_family == AF_INET) { + localdiscovery_address.in.sin_port = n->prevedge->address.in.sin_port; + *sa = &localdiscovery_address; + } else { + broadcast_ipv4.in.sin_port = n->prevedge->address.in.sin_port; + *sa = &broadcast_ipv4; + } + } +} + static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { vpn_packet_t pkt1, pkt2; vpn_packet_t *pkt[] = { &pkt1, &pkt2, &pkt1, &pkt2 }; @@ -462,15 +655,13 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Make sure we have a valid key */ if(!n->status.validkey) { - time_t now = time(NULL); - logger(DEBUG_TRAFFIC, LOG_INFO, "No valid key known yet for %s (%s), forwarding via TCP", n->name, n->hostname); - if(n->last_req_key + 10 <= now) { + if(n->last_req_key + 10 <= now.tv_sec) { send_req_key(n); - n->last_req_key = now; + n->last_req_key = now.tv_sec; } send_tcppacket(n->nexthop->connection, origpkt); @@ -512,11 +703,11 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Encrypt the packet */ - if(cipher_active(&n->outcipher)) { + if(cipher_active(n->outcipher)) { outpkt = pkt[nextpkt++]; outlen = MAXSIZE; - if(!cipher_encrypt(&n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { + if(!cipher_encrypt(n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) { logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); goto end; } @@ -527,95 +718,36 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) { /* Add the message authentication code */ - if(digest_active(&n->outdigest)) { - digest_create(&n->outdigest, &inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len); - inpkt->len += digest_length(&n->outdigest); + if(digest_active(n->outdigest)) { + if(!digest_create(n->outdigest, &inpkt->seqno, inpkt->len, (char *)&inpkt->seqno + inpkt->len)) { + logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname); + goto end; + } + + inpkt->len += digest_length(n->outdigest); } /* Send the packet */ - sockaddr_t *sa; + const sockaddr_t *sa; int sock; - /* Overloaded use of priority field: -1 means local broadcast */ - - if(origpriority == -1 && n->prevedge) { - sockaddr_t broadcast; - broadcast.in.sin_family = AF_INET; - broadcast.in.sin_addr.s_addr = -1; - broadcast.in.sin_port = n->prevedge->address.in.sin_port; - sa = &broadcast; - sock = 0; - } else { - if(origpriority == -1) - origpriority = 0; - - if(n->status.udp_confirmed) { - /* Address of this node is confirmed, so use it. */ - sa = &n->address; - sock = n->sock; - } else { - /* Otherwise, go through the list of known addresses of - this node. The first address we try is always the - one in n->address; that could be set to the node's - reflexive UDP address discovered during key - exchange. The other known addresses are those found - in edges to this node. */ - - static unsigned int i; - int j = 0; - edge_t *candidate = NULL; - - if(i) { - for splay_each(edge_t, e, edge_weight_tree) { - if(e->to != n) - continue; - j++; - if(!candidate || j == i) - candidate = e; - } - } - - if(!candidate) { - sa = &n->address; - sock = n->sock; - } else { - sa = &candidate->address; - sock = rand() % listen_sockets; - } - - if(i++) - if(i > j) - i = 0; - } - } - - /* Determine which socket we have to use */ - - if(sa->sa.sa_family != listen_socket[sock].sa.sa.sa_family) - for(sock = 0; sock < listen_sockets; sock++) - if(sa->sa.sa_family == listen_socket[sock].sa.sa.sa_family) - break; - - if(sock >= listen_sockets) - sock = 0; - - if(!n->status.udp_confirmed) - n->sock = sock; + if(n->status.broadcast) + choose_broadcast_address(n, &sa, &sock); + else + choose_udp_address(n, &sa, &sock); #if defined(SOL_IP) && defined(IP_TOS) if(priorityinheritance && origpriority != priority && listen_socket[n->sock].sa.sa.sa_family == AF_INET) { priority = origpriority; logger(DEBUG_TRAFFIC, LOG_DEBUG, "Setting outgoing packet priority to %d", priority); - if(setsockopt(listen_socket[n->sock].udp, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ + if(setsockopt(listen_socket[n->sock].udp.fd, SOL_IP, IP_TOS, &priority, sizeof(priority))) /* SO_PRIORITY doesn't seem to work */ logger(DEBUG_ALWAYS, LOG_ERR, "System call `%s' failed: %s", "setsockopt", strerror(errno)); } #endif - socklen_t sl = SALEN(n->address.sa); - - if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, &sa->sa, sl) < 0 && !sockwouldblock(sockerrno)) { + if(sendto(listen_socket[sock].udp.fd, (char *) &inpkt->seqno, inpkt->len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { if(sockmsgsize(sockerrno)) { if(n->maxmtu >= origlen) n->maxmtu = origlen - 1; @@ -639,23 +771,25 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) { b64encode(data, buf, len); /* If no valid key is known yet, send the packets using ANS_KEY requests, to ensure we get to learn the reflexive UDP address. */ - if(!to->status.validkey) - return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, myself->name, to->name, buf, myself->incompression); - else + if(!to->status.validkey) { + to->incompression = myself->incompression; + return send_request(to->nexthop->connection, "%d %s %s %s -1 -1 -1 %d", ANS_KEY, myself->name, to->name, buf, to->incompression); + } else { return send_request(to->nexthop->connection, "%d %s %s %d %s", REQ_KEY, myself->name, to->name, REQ_SPTPS, buf); + } } /* Otherwise, send the packet via UDP */ - struct sockaddr *sa; - socklen_t sl; + const sockaddr_t *sa; int sock; - sa = &(to->address.sa); - sl = SALEN(to->address.sa); - sock = to->sock; + if(to->status.broadcast) + choose_broadcast_address(to, &sa, &sock); + else + choose_udp_address(to, &sa, &sock); - if(sendto(listen_socket[sock].udp, data, len, 0, sa, sl) < 0 && !sockwouldblock(sockerrno)) { + if(sendto(listen_socket[sock].udp.fd, data, len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) { if(sockmsgsize(sockerrno)) { if(to->maxmtu >= len) to->maxmtu = len - 1; @@ -711,11 +845,11 @@ bool receive_sptps_record(void *handle, uint8_t type, const char *data, uint16_t int offset = (type & PKT_MAC) ? 0 : 14; if(type & PKT_COMPRESSED) { - len = uncompress_packet(inpkt.data + offset, (const uint8_t *)data, len, from->incompression); - if(len < 0) { + length_t ulen = uncompress_packet(inpkt.data + offset, (const uint8_t *)data, len, from->incompression); + if(ulen < 0) { return false; } else { - inpkt.len = len + offset; + inpkt.len = ulen + offset; } if(inpkt.len > MAXSIZE) abort(); @@ -758,7 +892,7 @@ void send_packet(node_t *n, vpn_packet_t *packet) { memcpy(packet->data, mymac.x, ETH_ALEN); n->out_packets++; n->out_bytes += packet->len; - devops.write(packet); + // TODO: send to application return; } @@ -825,7 +959,7 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet) { break; for splay_each(node_t, n, node_tree) - if(n->status.reachable && ((n->via == myself && n->nexthop == n) || n->via == n)) + if(n->status.reachable && n != myself && ((n->via == myself && n->nexthop == n) || n->via == n)) send_packet(n, packet); break; @@ -838,14 +972,13 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) { node_t *n = NULL; bool hard = false; static time_t last_hard_try = 0; - time_t now = time(NULL); for splay_each(edge_t, e, edge_weight_tree) { if(!e->to->status.reachable || e->to == myself) continue; if(sockaddrcmp_noport(from, &e->address)) { - if(last_hard_try == now) + if(last_hard_try == now.tv_sec) continue; hard = true; } @@ -858,13 +991,14 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) { } if(hard) - last_hard_try = now; + last_hard_try = now.tv_sec; - last_hard_try = now; + last_hard_try = now.tv_sec; return n; } -void handle_incoming_vpn_data(int sock, short events, void *data) { +void handle_incoming_vpn_data(void *data, int flags) { + listen_socket_t *ls = data; vpn_packet_t pkt; char *hostname; sockaddr_t from = {{0}}; @@ -872,7 +1006,7 @@ void handle_incoming_vpn_data(int sock, short events, void *data) { node_t *n; int len; - len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); + len = recvfrom(ls->udp.fd, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); if(len <= 0 || len > MAXSIZE) { if(!sockwouldblock(sockerrno)) @@ -900,19 +1034,7 @@ void handle_incoming_vpn_data(int sock, short events, void *data) { return; } - n->sock = (intptr_t)data; + n->sock = ls - listen_socket; receive_udppacket(n, &pkt); } - -void handle_device_data(int sock, short events, void *data) { - vpn_packet_t packet; - - packet.priority = 0; - - if(devops.read(&packet)) { - myself->in_packets++; - myself->in_bytes += packet.len; - route(myself, &packet); - } -}