/*
Terminate a connection:
- Close the socket
- Remove associated edge and tell other connections about it if report = true
- Check if we need to retry making an outgoing connection
- Deactivate the host
*/
void terminate_connection(connection_t *c, bool report) {
if(c->status.remove)
return;
ifdebug(CONNECTIONS) logger(LOG_NOTICE, "Closing connection with %s (%s)",
c->name, c->hostname);
c->status.remove = true;
c->status.active = false;
if(c->node)
c->node->connection = NULL;
if(c->socket)
closesocket(c->socket);
if(c->edge) {
if(!c->node) {
logger(LOG_ERR, "Connection to %s (%s) has an edge but node is NULL!", c->name, c->hostname);
// And that should never happen.
abort();
}
if(report && !tunnelserver)
send_del_edge(everyone, c->edge);
edge_del(c->edge);
/* Run MST and SSSP algorithms */
graph();
/* If the node is not reachable anymore but we remember it had an edge to us, clean it up */
if(report && !c->node->status.reachable) {
edge_t *e;
e = lookup_edge(c->node, myself);
if(e) {
if(!tunnelserver)
send_del_edge(everyone, e);
edge_del(e);
}
}
}
free_connection_partially(c);
/* Check if this was our outgoing connection */
if(c->outgoing) {
c->status.remove = false;
do_outgoing_connection(c);
}
#ifndef HAVE_MINGW
/* Clean up dead proxy processes */
while(waitpid(-1, NULL, WNOHANG) > 0);
#endif
}
/*
Check if the other end is active.
If we have sent packets, but didn't receive any,
then possibly the other end is dead. We send a
PING request over the meta connection. If the other
end does not reply in time, we consider them dead
and close the connection.
*/
static void check_dead_connections(void) {
avl_node_t *node, *next;
connection_t *c;
for(node = connection_tree->head; node; node = next) {
next = node->next;
c = node->data;
if(c->last_ping_time + pingtimeout <= now) {
if(c->status.active) {
if(c->status.pinged) {
ifdebug(CONNECTIONS) logger(LOG_INFO, "%s (%s) didn't respond to PING in %ld seconds",
c->name, c->hostname, (long)now - c->last_ping_time);
c->status.timeout = true;
terminate_connection(c, true);
} else if(c->last_ping_time + pinginterval <= now) {
send_ping(c);
}
} else {
if(c->status.remove) {
logger(LOG_WARNING, "Old connection_t for %s (%s) status %04x still lingering, deleting...",
c->name, c->hostname, bitfield_to_int(&c->status, sizeof c->status));
connection_del(c);
continue;
}
ifdebug(CONNECTIONS) logger(LOG_WARNING, "Timeout from %s (%s) during authentication",
c->name, c->hostname);
if(c->status.connecting) {
c->status.connecting = false;
closesocket(c->socket);
do_outgoing_connection(c);
} else {
terminate_connection(c, false);
}
}
}
if(c->outbuflen > 0 && c->last_flushed_time + pingtimeout <= now) {
if(c->status.active) {
ifdebug(CONNECTIONS) logger(LOG_INFO,
"%s (%s) could not flush for %ld seconds (%d bytes remaining)",
c->name, c->hostname, (long)now - c->last_flushed_time, c->outbuflen);
c->status.timeout = true;
terminate_connection(c, true);
}
}
}
}
void setup_outgoing_connection(outgoing_t *outgoing) {
connection_t *c;
node_t *n;
outgoing->event = NULL;
n = lookup_node(outgoing->name);
if(n)
if(n->connection) {
ifdebug(CONNECTIONS) logger(LOG_INFO, "Already connected to %s", outgoing->name);
n->connection->outgoing = outgoing;
return;
}
c = new_connection();
c->name = xstrdup(outgoing->name);
c->outcipher = myself->connection->outcipher;
c->outdigest = myself->connection->outdigest;
c->outmaclength = myself->connection->outmaclength;
c->outcompression = myself->connection->outcompression;
init_configuration(&c->config_tree);
read_connection_config(c);
outgoing->cfg = lookup_config(c->config_tree, "Address");
if(!outgoing->cfg) {
logger(LOG_ERR, "No address specified for %s", c->name);
free_connection(c);
return;
}
c->outgoing = outgoing;
c->last_ping_time = now;
connection_add(c);
do_outgoing_connection(c);
}
/*
check all connections to see if anything
happened on their sockets
*/
static void check_network_activity(fd_set * readset, fd_set * writeset) {
connection_t *c;
avl_node_t *node;
int result, i;
socklen_t len = sizeof(result);
vpn_packet_t packet;
static int errors = 0;
/* check input from kernel */
if(device_fd >= 0 && FD_ISSET(device_fd, readset)) {
if(devops.read(&packet)) {
if(packet.len) {
errors = 0;
packet.priority = 0;
route(myself, &packet);
}
} else {
usleep(errors * 50000);
errors++;
if(errors > 10) {
logger(LOG_ERR, "Too many errors from %s, exiting!", device);
running = false;
}
}
}
/* check meta connections */
for(node = connection_tree->head; node; node = node->next) {
c = node->data;
if(c->status.remove)
continue;
if(FD_ISSET(c->socket, writeset)) {
if(c->status.connecting) {
c->status.connecting = false;
getsockopt(c->socket, SOL_SOCKET, SO_ERROR, (void *)&result, &len);
if(!result)
finish_connecting(c);
else {
ifdebug(CONNECTIONS) logger(LOG_DEBUG,
"Error while connecting to %s (%s): %s",
c->name, c->hostname, sockstrerror(result));
closesocket(c->socket);
do_outgoing_connection(c);
continue;
}
}
if(!flush_meta(c)) {
terminate_connection(c, c->status.active);
continue;
}
}
if(FD_ISSET(c->socket, readset)) {
if(!receive_meta(c)) {
terminate_connection(c, c->status.active);
continue;
}
}
}
for(i = 0; i < listen_sockets; i++) {
if(FD_ISSET(listen_socket[i].udp, readset))
handle_incoming_vpn_data(i);
if(FD_ISSET(listen_socket[i].tcp, readset))
handle_new_meta_connection(listen_socket[i].tcp);
}
}
