git.tinc-vpn.org Git - tinc/blob - src/net.c

   1 /*
   2     net.c -- most of the network code
   3     Copyright (C) 1998-2002 Ivo Timmermans <ivo@o2w.nl>,
   4                   2000-2002 Guus Sliepen <guus@sliepen.eu.org>
   5
   6     This program is free software; you can redistribute it and/or modify
   7     it under the terms of the GNU General Public License as published by
   8     the Free Software Foundation; either version 2 of the License, or
   9     (at your option) any later version.
  10
  11     This program is distributed in the hope that it will be useful,
  12     but WITHOUT ANY WARRANTY; without even the implied warranty of
  13     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14     GNU General Public License for more details.
  15
  16     You should have received a copy of the GNU General Public License
  17     along with this program; if not, write to the Free Software
  18     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  19
  20     $Id: net.c,v 1.35.4.182 2002/09/15 14:55:53 guus Exp $
  21 */
  22
  23 #include "config.h"
  24
  25 #include <errno.h>
  26 #include <fcntl.h>
  27 #include <netdb.h>
  28 #include <stdio.h>
  29 #include <stdlib.h>
  30 #include <string.h>
  31 #include <signal.h>
  32 #include <sys/time.h>
  33 #include <sys/types.h>
  34 #include <syslog.h>
  35 #include <unistd.h>
  36 #include <sys/ioctl.h>
  37 /* SunOS really wants sys/socket.h BEFORE net/if.h,
  38    and FreeBSD wants these lines below the rest. */
  39 #include <arpa/inet.h>
  40 #include <sys/socket.h>
  41 #include <net/if.h>
  42 #ifdef HAVE_NETINET_IN_SYSTM_H
  43 #include <netinet/in_systm.h>
  44 #endif
  45 #include <netinet/in.h>
  46 #ifdef HAVE_NETINET_IP_H
  47 #include <netinet/ip.h>
  48 #endif
  49 #ifdef HAVE_NETINET_TCP_H
  50 #include <netinet/tcp.h>
  51 #endif
  52
  53 #include <openssl/rand.h>
  54
  55 #include <utils.h>
  56 #include <xalloc.h>
  57 #include <avl_tree.h>
  58 #include <list.h>
  59
  60 #include "conf.h"
  61 #include "connection.h"
  62 #include "meta.h"
  63 #include "net.h"
  64 #include "netutl.h"
  65 #include "process.h"
  66 #include "protocol.h"
  67 #include "subnet.h"
  68 #include "graph.h"
  69 #include "process.h"
  70 #include "route.h"
  71 #include "device.h"
  72 #include "event.h"
  73
  74 #include "system.h"
  75
  76 #ifndef HAVE_RAND_PSEUDO_BYTES
  77 #define RAND_pseudo_bytes RAND_bytes
  78 #endif
  79
  80 int do_purge = 0;
  81 int sighup = 0;
  82 int sigalrm = 0;
  83
  84 time_t now = 0;
  85
  86 /* Purge edges and subnets of unreachable nodes. Use carefully. */
  87
  88 void purge(void)
  89 {
  90         avl_node_t *nnode, *nnext, *enode, *enext, *snode, *snext;
  91         node_t *n;
  92         edge_t *e;
  93         subnet_t *s;
  94
  95         cp();
  96
  97         if(debug_lvl >= DEBUG_PROTOCOL)
  98                 syslog(LOG_DEBUG, _("Purging unreachable nodes"));
  99
 100         for(nnode = node_tree->head; nnode; nnode = nnext) {
 101                 nnext = nnode->next;
 102                 n = (node_t *) nnode->data;
 103
 104                 if(!n->status.reachable) {
 105                         if(debug_lvl >= DEBUG_SCARY_THINGS)
 106                                 syslog(LOG_DEBUG, _("Purging node %s (%s)"), n->name,
 107                                            n->hostname);
 108
 109                         for(snode = n->subnet_tree->head; snode; snode = snext) {
 110                                 snext = snode->next;
 111                                 s = (subnet_t *) snode->data;
 112                                 send_del_subnet(broadcast, s);
 113                                 subnet_del(n, s);
 114                         }
 115
 116                         for(enode = n->edge_tree->head; enode; enode = enext) {
 117                                 enext = enode->next;
 118                                 e = (edge_t *) enode->data;
 119                                 send_del_edge(broadcast, e);
 120                                 edge_del(e);
 121                         }
 122
 123                         node_del(n);
 124                 }
 125         }
 126 }
 127
 128 /*
 129   put all file descriptors in an fd_set array
 130   While we're at it, purge stuff that needs to be removed.
 131 */
 132 void build_fdset(fd_set * fs)
 133 {
 134         avl_node_t *node, *next;
 135         connection_t *c;
 136         int i;
 137
 138         cp();
 139
 140         FD_ZERO(fs);
 141
 142         for(node = connection_tree->head; node; node = next) {
 143                 next = node->next;
 144                 c = (connection_t *) node->data;
 145
 146                 if(c->status.remove) {
 147                         connection_del(c);
 148                         if(!connection_tree->head)
 149                                 purge();
 150                 } else
 151                         FD_SET(c->socket, fs);
 152         }
 153
 154         for(i = 0; i < listen_sockets; i++) {
 155                 FD_SET(listen_socket[i].tcp, fs);
 156                 FD_SET(listen_socket[i].udp, fs);
 157         }
 158
 159         FD_SET(device_fd, fs);
 160 }
 161
 162 /*
 163   Terminate a connection:
 164   - Close the socket
 165   - Remove associated edge and tell other connections about it if report = 1
 166   - Check if we need to retry making an outgoing connection
 167   - Deactivate the host
 168 */
 169 void terminate_connection(connection_t *c, int report)
 170 {
 171         cp();
 172
 173         if(c->status.remove)
 174                 return;
 175
 176         if(debug_lvl >= DEBUG_CONNECTIONS)
 177                 syslog(LOG_NOTICE, _("Closing connection with %s (%s)"),
 178                            c->name, c->hostname);
 179
 180         c->status.remove = 1;
 181         c->status.active = 0;
 182
 183         if(c->node)
 184                 c->node->connection = NULL;
 185
 186         if(c->socket)
 187                 close(c->socket);
 188
 189         if(c->edge) {
 190                 if(report)
 191                         send_del_edge(broadcast, c->edge);
 192
 193                 edge_del(c->edge);
 194
 195                 /* Run MST and SSSP algorithms */
 196
 197                 graph();
 198         }
 199
 200         /* Check if this was our outgoing connection */
 201
 202         if(c->outgoing) {
 203                 retry_outgoing(c->outgoing);
 204                 c->outgoing = NULL;
 205         }
 206 }
 207
 208 /*
 209   Check if the other end is active.
 210   If we have sent packets, but didn't receive any,
 211   then possibly the other end is dead. We send a
 212   PING request over the meta connection. If the other
 213   end does not reply in time, we consider them dead
 214   and close the connection.
 215 */
 216 void check_dead_connections(void)
 217 {
 218         avl_node_t *node, *next;
 219         connection_t *c;
 220
 221         cp();
 222
 223         for(node = connection_tree->head; node; node = next) {
 224                 next = node->next;
 225                 c = (connection_t *) node->data;
 226
 227                 if(c->last_ping_time + pingtimeout < now) {
 228                         if(c->status.active) {
 229                                 if(c->status.pinged) {
 230                                         if(debug_lvl >= DEBUG_PROTOCOL)
 231                                                 syslog(LOG_INFO, _("%s (%s) didn't respond to PING"),
 232                                                            c->name, c->hostname);
 233                                         c->status.timeout = 1;
 234                                         terminate_connection(c, 1);
 235                                 } else {
 236                                         send_ping(c);
 237                                 }
 238                         } else {
 239                                 if(c->status.remove) {
 240                                         syslog(LOG_WARNING, _("Old connection_t for %s (%s) status %04x still lingering, deleting..."),
 241                                                    c->name, c->hostname, c->status);
 242                                         connection_del(c);
 243                                         continue;
 244                                 }
 245                                 if(debug_lvl >= DEBUG_CONNECTIONS)
 246                                         syslog(LOG_WARNING, _("Timeout from %s (%s) during authentication"),
 247                                                    c->name, c->hostname);
 248                                 terminate_connection(c, 0);
 249                         }
 250                 }
 251         }
 252 }
 253
 254 /*
 255   check all connections to see if anything
 256   happened on their sockets
 257 */
 258 void check_network_activity(fd_set * f)
 259 {
 260         connection_t *c;
 261         avl_node_t *node;
 262         int result, i;
 263         int len = sizeof(result);
 264         vpn_packet_t packet;
 265
 266         cp();
 267
 268         if(FD_ISSET(device_fd, f)) {
 269                 if(!read_packet(&packet))
 270                         route_outgoing(&packet);
 271         }
 272
 273         for(node = connection_tree->head; node; node = node->next) {
 274                 c = (connection_t *) node->data;
 275
 276                 if(c->status.remove)
 277                         continue;
 278
 279                 if(FD_ISSET(c->socket, f)) {
 280                         if(c->status.connecting) {
 281                                 c->status.connecting = 0;
 282                                 getsockopt(c->socket, SOL_SOCKET, SO_ERROR, &result, &len);
 283
 284                                 if(!result)
 285                                         finish_connecting(c);
 286                                 else {
 287                                         if(debug_lvl >= DEBUG_CONNECTIONS)
 288                                                 syslog(LOG_DEBUG,
 289                                                            _("Error while connecting to %s (%s): %s"),
 290                                                            c->name, c->hostname, strerror(result));
 291                                         close(c->socket);
 292                                         do_outgoing_connection(c);
 293                                         continue;
 294                                 }
 295                         }
 296
 297                         if(receive_meta(c) < 0) {
 298                                 terminate_connection(c, c->status.active);
 299                                 continue;
 300                         }
 301                 }
 302         }
 303
 304         for(i = 0; i < listen_sockets; i++) {
 305                 if(FD_ISSET(listen_socket[i].udp, f))
 306                         handle_incoming_vpn_data(listen_socket[i].udp);
 307
 308                 if(FD_ISSET(listen_socket[i].tcp, f))
 309                         handle_new_meta_connection(listen_socket[i].tcp);
 310         }
 311 }
 312
 313 /*
 314   this is where it all happens...
 315 */
 316 void main_loop(void)
 317 {
 318         fd_set fset;
 319         struct timeval tv;
 320         int r;
 321         time_t last_ping_check;
 322         event_t *event;
 323
 324         cp();
 325
 326         last_ping_check = now;
 327         srand(now);
 328
 329         for(;;) {
 330                 now = time(NULL);
 331
 332                 tv.tv_sec = 1 + (rand() & 7);   /* Approx. 5 seconds, randomized to prevent global synchronisation effects */
 333                 tv.tv_usec = 0;
 334
 335                 build_fdset(&fset);
 336
 337                 r = select(FD_SETSIZE, &fset, NULL, NULL, &tv);
 338
 339                 if(r < 0) {
 340                         if(errno != EINTR && errno != EAGAIN) {
 341                                 syslog(LOG_ERR, _("Error while waiting for input: %s"),
 342                                            strerror(errno));
 343                                 cp_trace();
 344                                 dump_connections();
 345                                 return;
 346                         }
 347
 348                         continue;
 349                 }
 350
 351                 check_network_activity(&fset);
 352
 353                 if(do_purge) {
 354                         purge();
 355                         do_purge = 0;
 356                 }
 357
 358                 /* Let's check if everybody is still alive */
 359
 360                 if(last_ping_check + pingtimeout < now) {
 361                         check_dead_connections();
 362                         last_ping_check = now;
 363
 364                         if(routing_mode == RMODE_SWITCH)
 365                                 age_mac();
 366
 367                         age_past_requests();
 368
 369                         /* Should we regenerate our key? */
 370
 371                         if(keyexpires < now) {
 372                                 if(debug_lvl >= DEBUG_STATUS)
 373                                         syslog(LOG_INFO, _("Regenerating symmetric key"));
 374
 375                                 RAND_pseudo_bytes(myself->key, myself->keylength);
 376                                 send_key_changed(broadcast, myself);
 377                                 keyexpires = now + keylifetime;
 378                         }
 379                 }
 380
 381
 382                 while((event = get_expired_event())) {
 383                         event->handler(event->data);
 384                         free(event);
 385                 }
 386
 387                 if(sigalrm) {
 388                         syslog(LOG_INFO, _("Flushing event queue"));
 389
 390                         while(event_tree->head) {
 391                                 event = (event_t *) event_tree->head->data;
 392                                 event->handler(event->data);
 393                                 event_del(event);
 394                         }
 395                         sigalrm = 0;
 396                 }
 397
 398                 if(sighup) {
 399                         sighup = 0;
 400                         close_network_connections();
 401                         exit_configuration(&config_tree);
 402
 403                         syslog(LOG_INFO, _("Rereading configuration file and restarting in 5 seconds..."));
 404                         sleep(5);
 405
 406                         init_configuration(&config_tree);
 407
 408                         if(read_server_config()) {
 409                                 syslog(LOG_ERR,
 410                                            _("Unable to reread configuration file, exitting."));
 411                                 exit(1);
 412                         }
 413
 414                         if(setup_network_connections())
 415                                 return;
 416
 417                         continue;
 418                 }
 419         }
 420 }