2 net.c -- most of the network code
3 Copyright (C) 1998-2005 Ivo Timmermans,
4 2000-2021 Guus Sliepen <guus@tinc-vpn.org>
5 2006 Scott Lamb <slamb@slamb.org>
6 2011 Loïc Grenié <loic.grenie@gmail.com>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation, Inc.,
20 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "autoconnect.h"
28 #include "connection.h"
38 int contradicting_add_edge = 0;
39 int contradicting_del_edge = 0;
40 static int sleeptime = 10;
41 time_t last_config_check = 0;
42 static timeout_t pingtimer;
43 static timeout_t periodictimer;
44 static struct timeval last_periodic_run_time;
46 /* Purge edges and subnets of unreachable nodes. Use carefully. */
49 logger(DEBUG_PROTOCOL, LOG_DEBUG, "Purging unreachable nodes");
51 /* Remove all edges and subnets owned by unreachable nodes. */
53 for splay_each(node_t, n, &node_tree) {
54 if(!n->status.reachable) {
55 logger(DEBUG_SCARY_THINGS, LOG_DEBUG, "Purging node %s (%s)", n->name, n->hostname);
57 for splay_each(subnet_t, s, &n->subnet_tree) {
58 send_del_subnet(everyone, s);
65 for splay_each(edge_t, e, &n->edge_tree) {
67 send_del_edge(everyone, e);
75 /* Check if anyone else claims to have an edge to an unreachable node. If not, delete node. */
77 for splay_each(node_t, n, &node_tree) {
78 if(!n->status.reachable) {
79 for splay_each(edge_t, e, &edge_weight_tree)
84 if(!autoconnect && (!strictsubnets || !n->subnet_tree.head))
85 /* in strictsubnets mode do not delete nodes with subnets */
93 /* Put a misbehaving connection in the tarpit */
95 static int pits[10] = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
96 static unsigned int next_pit = 0;
98 if(pits[next_pit] != -1) {
99 closesocket(pits[next_pit]);
102 pits[next_pit++] = fd;
104 if(next_pit >= sizeof pits / sizeof pits[0]) {
110 Terminate a connection:
111 - Mark it as inactive
112 - Remove the edge representing this connection
114 - Check if we need to retry making an outgoing connection
116 void terminate_connection(connection_t *c, bool report) {
117 logger(DEBUG_CONNECTIONS, LOG_NOTICE, "Closing connection with %s (%s)", c->name, c->hostname);
120 if(c->node->connection == c) {
121 c->node->connection = NULL;
125 if(report && !tunnelserver) {
126 send_del_edge(everyone, c->edge);
132 /* Run MST and SSSP algorithms */
136 /* If the node is not reachable anymore but we remember it had an edge to us, clean it up */
138 if(report && !c->node->status.reachable) {
140 e = lookup_edge(c->node, myself);
144 send_del_edge(everyone, e);
153 outgoing_t *outgoing = c->outgoing;
156 /* Check if this was our outgoing connection */
159 do_outgoing_connection(outgoing);
163 /* Clean up dead proxy processes */
165 while(waitpid(-1, NULL, WNOHANG) > 0);
171 Check if the other end is active.
172 If we have sent packets, but didn't receive any,
173 then possibly the other end is dead. We send a
174 PING request over the meta connection. If the other
175 end does not reply in time, we consider them dead
176 and close the connection.
178 static void timeout_handler(void *data) {
180 bool close_all_connections = false;
183 timeout_handler will start after 30 seconds from start of tincd
184 hold information about the elapsed time since last time the handler
187 long sleep_time = now.tv_sec - last_periodic_run_time.tv_sec;
190 It seems that finding sane default value is harder than expected
191 Since we send every second a UDP packet to make holepunching work
192 And default UDP state expire on firewalls is between 15-30 seconds
193 we drop all connections after 60 Seconds - UDPDiscoveryTimeout=30
196 if(sleep_time > 2 * udp_discovery_timeout) {
197 logger(DEBUG_ALWAYS, LOG_ERR, "Awaking from dead after %ld seconds of sleep", sleep_time);
199 Do not send any packets to tinc after we wake up.
200 The other node probably closed our connection but we still
201 are holding context information to them. This may happen on
202 laptops or any other hardware which can be suspended for some time.
203 Sending any data to node that wasn't expecting it will produce
204 annoying and misleading errors on the other side about failed signature
205 verification and or about missing sptps context
207 close_all_connections = true;
210 last_periodic_run_time = now;
212 for list_each(connection_t, c, &connection_list) {
213 // control connections (eg. tinc ctl) do not have any timeout
214 if(c->status.control) {
218 if(close_all_connections) {
219 logger(DEBUG_ALWAYS, LOG_ERR, "Forcing connection close after sleep time %s (%s)", c->name, c->hostname);
220 terminate_connection(c, c->edge);
224 // Bail out early if we haven't reached the ping timeout for this node yet
225 if(c->last_ping_time + pingtimeout > now.tv_sec) {
229 // timeout during connection establishing
231 if(c->status.connecting) {
232 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout while connecting to %s (%s)", c->name, c->hostname);
234 logger(DEBUG_CONNECTIONS, LOG_WARNING, "Timeout from %s (%s) during authentication", c->name, c->hostname);
235 c->status.tarpit = true;
238 terminate_connection(c, c->edge);
242 // helps in UDP holepunching
243 try_tx(c->node, false);
245 // timeout during ping
246 if(c->status.pinged) {
247 logger(DEBUG_CONNECTIONS, LOG_INFO, "%s (%s) didn't respond to PING in %ld seconds", c->name, c->hostname, (long)(now.tv_sec - c->last_ping_time));
248 terminate_connection(c, c->edge);
252 // check whether we need to send a new ping
253 if(c->last_ping_time + pinginterval <= now.tv_sec) {
258 timeout_set(data, &(struct timeval) {
263 static void periodic_handler(void *data) {
264 /* Check if there are too many contradicting ADD_EDGE and DEL_EDGE messages.
265 This usually only happens when another node has the same Name as this node.
266 If so, sleep for a short while to prevent a storm of contradicting messages.
269 if(contradicting_del_edge > 100 && contradicting_add_edge > 100) {
270 logger(DEBUG_ALWAYS, LOG_WARNING, "Possible node with same Name as us! Sleeping %d seconds.", sleeptime);
271 nanosleep(&(struct timespec) {
287 contradicting_add_edge = 0;
288 contradicting_del_edge = 0;
290 /* If AutoConnect is set, check if we need to make or break connections. */
292 if(autoconnect && node_tree.count > 1) {
296 timeout_set(data, &(struct timeval) {
301 void handle_meta_connection_data(connection_t *c) {
302 if(!receive_meta(c)) {
303 if(!c->status.control) {
304 c->status.tarpit = true;
307 terminate_connection(c, c->edge);
313 static void sigterm_handler(void *data) {
314 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
318 static void sighup_handler(void *data) {
319 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
322 if(reload_configuration()) {
327 static void sigalrm_handler(void *data) {
328 logger(DEBUG_ALWAYS, LOG_NOTICE, "Got %s signal", strsignal(((signal_t *)data)->signum));
333 int reload_configuration(void) {
334 char fname[PATH_MAX];
336 /* Reread our own configuration file */
338 splay_empty_tree(&config_tree);
340 if(!read_server_config(&config_tree)) {
341 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to reread configuration file.");
345 read_config_options(&config_tree, NULL);
347 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, myself->name);
348 read_config_file(&config_tree, fname, true);
350 /* Parse some options that are allowed to be changed while tinc is running */
352 setup_myself_reloadable();
354 /* If StrictSubnet is set, expire deleted Subnets and read new ones in */
357 for splay_each(subnet_t, subnet, &subnet_tree)
363 for splay_each(node_t, n, &node_tree) {
364 n->status.has_address = false;
370 for splay_each(subnet_t, subnet, &subnet_tree) {
375 if(subnet->expires == 1) {
376 send_del_subnet(everyone, subnet);
378 if(subnet->owner->status.reachable) {
379 subnet_update(subnet->owner, subnet, false);
382 subnet_del(subnet->owner, subnet);
383 } else if(subnet->expires == -1) {
386 send_add_subnet(everyone, subnet);
388 if(subnet->owner->status.reachable) {
389 subnet_update(subnet->owner, subnet, true);
393 } else { /* Only read our own subnets back in */
394 for splay_each(subnet_t, subnet, &myself->subnet_tree)
395 if(!subnet->expires) {
399 config_t *cfg = lookup_config(&config_tree, "Subnet");
402 subnet_t *subnet, *s2;
404 if(get_config_subnet(cfg, &subnet)) {
405 if((s2 = lookup_subnet(myself, subnet))) {
406 if(s2->expires == 1) {
412 subnet_add(myself, subnet);
413 send_add_subnet(everyone, subnet);
414 subnet_update(myself, subnet, true);
418 cfg = lookup_config_next(&config_tree, cfg);
421 for splay_each(subnet_t, subnet, &myself->subnet_tree) {
422 if(subnet->expires == 1) {
423 send_del_subnet(everyone, subnet);
424 subnet_update(myself, subnet, false);
425 subnet_del(myself, subnet);
430 /* Try to make outgoing connections */
432 try_outgoing_connections();
434 /* Close connections to hosts that have a changed or deleted host config file */
436 for list_each(connection_t, c, &connection_list) {
437 if(c->status.control) {
441 snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, c->name);
444 if(stat(fname, &s) || s.st_mtime > last_config_check) {
445 logger(DEBUG_CONNECTIONS, LOG_INFO, "Host config file of %s has been changed", c->name);
446 terminate_connection(c, c->edge);
450 last_config_check = now.tv_sec;
456 /* Reset the reconnection timers for all outgoing connections */
457 for list_each(outgoing_t, outgoing, &outgoing_list) {
458 outgoing->timeout = 0;
461 timeout_set(&outgoing->ev, &(struct timeval) {
466 /* Check for outgoing connections that are in progress, and reset their ping timers */
467 for list_each(connection_t, c, &connection_list) {
468 if(c->outgoing && !c->node) {
469 c->last_ping_time = 0;
473 /* Kick the ping timeout handler */
474 timeout_set(&pingtimer, &(struct timeval) {
480 this is where it all happens...
482 int main_loop(void) {
483 last_periodic_run_time = now;
484 timeout_add(&pingtimer, timeout_handler, &pingtimer, &(struct timeval) {
485 pingtimeout, rand() % 100000
487 timeout_add(&periodictimer, periodic_handler, &periodictimer, &(struct timeval) {
492 signal_t sighup = {0};
493 signal_t sigterm = {0};
494 signal_t sigquit = {0};
495 signal_t sigint = {0};
496 signal_t sigalrm = {0};
498 signal_add(&sighup, sighup_handler, &sighup, SIGHUP);
499 signal_add(&sigterm, sigterm_handler, &sigterm, SIGTERM);
500 signal_add(&sigquit, sigterm_handler, &sigquit, SIGQUIT);
501 signal_add(&sigint, sigterm_handler, &sigint, SIGINT);
502 signal_add(&sigalrm, sigalrm_handler, &sigalrm, SIGALRM);
506 logger(DEBUG_ALWAYS, LOG_ERR, "Error while waiting for input: %s", sockstrerror(sockerrno));
512 signal_del(&sigterm);
513 signal_del(&sigquit);
515 signal_del(&sigalrm);
518 timeout_del(&periodictimer);
519 timeout_del(&pingtimer);
projects / tinc / blob