/* -*-c-*-
*
- * $Id: peer.c,v 1.2 2001/02/03 22:40:29 mdw Exp $
+ * $Id: peer.c,v 1.6 2001/06/19 22:07:59 mdw Exp $
*
* Communication with the peer
*
/*----- Revision history --------------------------------------------------*
*
* $Log: peer.c,v $
+ * Revision 1.6 2001/06/19 22:07:59 mdw
+ * Use magic number for packet size.
+ *
+ * Revision 1.5 2001/03/03 11:15:19 mdw
+ * Set the socket send and receive buffers to maximum. At least this way,
+ * we won't drop large packets on the floor. If the administrator wants to
+ * prevent fragmentation of TrIPE messages, he can lower the MTU on the
+ * tunnel interface. Getting path-MTU stuff out of the kernel is too much
+ * system-specific hard work for this program.
+ *
+ * Revision 1.4 2001/02/16 21:40:24 mdw
+ * Change key exchange message interface. Maintain statistics.
+ *
+ * Revision 1.3 2001/02/04 17:10:58 mdw
+ * Make file descriptors be nonblocking and close-on-exec.
+ *
* Revision 1.2 2001/02/03 22:40:29 mdw
* Put timer information into the entropy pool when packets are received
* and on similar events. Reseed the generator on the interval timer.
/* --- Pick the packet apart --- */
+ p->st.t_last = time(0);
+ p->st.n_in++;
+ p->st.sz_in += n;
buf_init(&b, buf_i, n);
if ((ch = buf_getbyte(&b)) < 0) {
a_warn("bad packet from `%s': no type byte", p->name);
return;
}
- switch (ch) {
+ switch (ch & MSG_CATMASK) {
case MSG_PACKET:
+ if (ch & MSG_TYPEMASK) {
+ a_warn("unknown packet type from `%s'", p->name);
+ p->st.n_reject++;
+ return;
+ }
buf_init(&bb, buf_o, sizeof(buf_o));
- if (ks_decrypt(&p->ks, &b, &bb)) {
- a_warn("couldn't decrypt inbound packet");
+ if (ksl_decrypt(&p->ks, &b, &bb)) {
+ p->st.n_reject++;
+ a_warn("couldn't decrypt inbound packet from `%s'", p->name);
return;
}
- if (BOK(&bb))
+ if (BOK(&bb)) {
+ p->st.n_ipin++;
+ p->st.sz_ipin += BSZ(&b);
tun_inject(&p->t, &bb);
- else
+ } else {
+ p->st.n_reject++;
a_warn("packet build failed");
+ }
break;
- case MSG_PRECHALLENGE:
- kx_prechallenge(&p->kx, &b);
- break;
- case MSG_CHALLENGE:
- kx_challenge(&p->kx, &b);
- break;
- case MSG_RESPONSE:
- kx_response(&p->kx, &b);
+ case MSG_KEYEXCH:
+ kx_message(&p->kx, ch & MSG_TYPEMASK, &b);
break;
default:
+ p->st.n_reject++;
a_warn("bad packet from `%s': unknown packet type", p->name);
break;
}
if (sendto(sock.fd, BBASE(&p->b), BLEN(&p->b),
0, &p->peer.sa, p->sasz) < 0)
a_warn("packet send to `%s' failed: %s", p->name, strerror(errno));
+ else {
+ p->st.n_out++;
+ p->st.sz_out += BLEN(&p->b);
+ }
}
/* --- @p_tun@ --- *
{
buf *bb = p_txstart(p, MSG_PACKET);
TIMER;
- if (ks_encrypt(&p->ks, b, bb))
+ if (ksl_encrypt(&p->ks, b, bb))
kx_start(&p->kx);
- if (BCUR(bb) > BBASE(bb))
+ if (BOK(bb) && BLEN(bb)) {
+ p->st.n_ipout++;
+ p->st.sz_ipout += BLEN(bb);
p_txend(p);
+ }
}
/* --- @p_interval@ --- *
pp = p->next;
if (reload)
kx_newkeys(&p->kx);
- ks_prune(&p->ks);
+ ksl_prune(&p->ks);
}
}
+/* --- @p_stats@ --- *
+ *
+ * Arguments: @peer *p@ = pointer to a peer block
+ *
+ * Returns: A pointer to the peer's statistics.
+ */
+
+stats *p_stats(peer *p) { return (&p->st); }
+
/* --- @p_ifname@ --- *
*
* Arguments: @peer *p@ = pointer to a peer block
{
int fd;
struct sockaddr_in sin;
+ int len = PKBUFSZ;
+
+ /* --- Note on socket buffer sizes --- *
+ *
+ * For some bizarre reason, Linux 2.2 (at least) doubles the socket buffer
+ * sizes I pass to @setsockopt@. I'm not putting special-case code here
+ * for Linux: BSD (at least TCPv2) does what I tell it rather than second-
+ * guessing me.
+ */
if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) < 0)
die(EXIT_FAILURE, "socket creation failed: %s", strerror(errno));
sin.sin_port = htons(port);
if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)))
die(EXIT_FAILURE, "bind failed: %s", strerror(errno));
+ if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &len, sizeof(len)) ||
+ setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &len, sizeof(len))) {
+ die(EXIT_FAILURE, "failed to set socket buffer sizes: %s",
+ strerror(errno));
+ }
+ fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC);
sel_initfile(&sel, &sock, fd, SEL_READ, p_read, 0);
sel_addfile(&sock);
T( trace(T_PEER, "peer: created socket"); )
p->prev = 0;
memcpy(&p->peer.sa, sa, sz);
p->sasz = sz;
+ memset(&p->st, 0, sizeof(stats));
+ p->st.t_start = time(0);
if (kx_init(&p->kx, p, &p->ks))
goto tidy_0;
if (tun_create(&p->t, p))
void p_destroy(peer *p)
{
T( trace(T_PEER, "peer: destroying peer `%s'", p->name); )
- ks_free(&p->ks);
+ ksl_free(&p->ks);
kx_free(&p->kx);
tun_destroy(&p->t);
xfree(p->name);
~mdw / tripe / blobdiff