comm clientinfo: Provide clientinfo interface
diff --git
a/site.c
b/site.c
index
9ba1a28
..
4ce4c24
100644
(file)
--- a/
site.c
+++ b/
site.c
@@
-296,6
+296,7
@@
struct site {
/* configuration information */
string_t localname;
string_t remotename;
/* configuration information */
string_t localname;
string_t remotename;
+ bool_t keepalive;
bool_t local_mobile, peer_mobile; /* Mobile client support */
int32_t transport_peers_max;
string_t tunname; /* localname<->remotename by default, used in logs */
bool_t local_mobile, peer_mobile; /* Mobile client support */
int32_t transport_peers_max;
string_t tunname; /* localname<->remotename by default, used in logs */
@@
-1146,6
+1147,10
@@
static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
case LABEL_MSG7:
/* We must forget about the current session. */
delete_keys(st,"request from peer",LOG_SEC);
case LABEL_MSG7:
/* We must forget about the current session. */
delete_keys(st,"request from peer",LOG_SEC);
+ /* probably, the peer is shutting down, and this is going to fail,
+ * but we need to be trying to bring the link up again */
+ if (st->keepalive)
+ initiate_key_setup(st,"peer requested key teardown",0);
return True;
case LABEL_MSG9:
/* Deliver to netlink layer */
return True;
case LABEL_MSG9:
/* Deliver to netlink layer */
@@
-1164,16
+1169,25
@@
static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
}
static void dump_packet(struct site *st, struct buffer_if *buf,
}
static void dump_packet(struct site *st, struct buffer_if *buf,
- const struct comm_addr *addr, bool_t incoming)
+ const struct comm_addr *addr, bool_t incoming,
+ bool_t ok)
{
uint32_t dest=get_uint32(buf->start);
uint32_t source=get_uint32(buf->start+4);
uint32_t msgtype=get_uint32(buf->start+8);
if (st->log_events & LOG_DUMP)
{
uint32_t dest=get_uint32(buf->start);
uint32_t source=get_uint32(buf->start+4);
uint32_t msgtype=get_uint32(buf->start+8);
if (st->log_events & LOG_DUMP)
- slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x:",
+ slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x:
%s%s
",
st->tunname,incoming?"incoming":"outgoing",
st->tunname,incoming?"incoming":"outgoing",
- dest,source,msgtype);
+ dest,source,msgtype,comm_addr_to_string(addr),
+ ok?"":" - fail");
+}
+
+static bool_t comm_addr_sendmsg(struct site *st,
+ const struct comm_addr *dest,
+ struct buffer_if *buf)
+{
+ return dest->comm->sendmsg(dest->comm->st, buf, dest, 0);
}
static uint32_t site_status(void *st)
}
static uint32_t site_status(void *st)
@@
-1427,6
+1441,9
@@
static void enter_state_run(struct site *st)
memset(st->dhsecret,0,st->dh->len);
memset(st->sharedsecret,0,st->sharedsecretlen);
set_link_quality(st);
memset(st->dhsecret,0,st->dh->len);
memset(st->sharedsecret,0,st->sharedsecretlen);
set_link_quality(st);
+
+ if (st->keepalive && !current_valid(st))
+ initiate_key_setup(st, "keepalive", 0);
}
static bool_t ensure_resolving(struct site *st)
}
static bool_t ensure_resolving(struct site *st)
@@
-1600,8
+1617,8
@@
static void generate_send_prod(struct site *st,
slog(st,LOG_SETUP_INIT,"prodding peer for key exchange");
st->allow_send_prod=0;
generate_prod(st,&st->scratch);
slog(st,LOG_SETUP_INIT,"prodding peer for key exchange");
st->allow_send_prod=0;
generate_prod(st,&st->scratch);
-
dump_packet(st,&st->scratch,source,False
);
-
source->comm->sendmsg(source->comm->st, &st->scratch, source
);
+
bool_t ok = comm_addr_sendmsg(st, source, &st->scratch
);
+
dump_packet(st,&st->scratch,source,False,ok
);
}
static inline void site_settimeout(uint64_t timeout, int *timeout_io)
}
static inline void site_settimeout(uint64_t timeout, int *timeout_io)
@@
-1734,7
+1751,7
@@
static bool_t site_incoming(void *sst, struct buffer_if *buf,
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
/* It's a MSG1 addressed to us. Decide what to do about it. */
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
/* It's a MSG1 addressed to us. Decide what to do about it. */
- dump_packet(st,buf,source,True);
+ dump_packet(st,buf,source,True
,True
);
if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_WAIT) {
/* We should definitely process it */
if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_WAIT) {
/* We should definitely process it */
@@
-1784,7
+1801,7
@@
static bool_t site_incoming(void *sst, struct buffer_if *buf,
if (msgtype==LABEL_PROD) {
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
if (msgtype==LABEL_PROD) {
if (!named_for_us(st,buf,msgtype,&named_msg))
return False;
- dump_packet(st,buf,source,True);
+ dump_packet(st,buf,source,True
,True
);
if (st->state!=SITE_RUN) {
slog(st,LOG_DROP,"ignoring PROD when not in state RUN");
} else if (current_valid(st)) {
if (st->state!=SITE_RUN) {
slog(st,LOG_DROP,"ignoring PROD when not in state RUN");
} else if (current_valid(st)) {
@@
-1797,7
+1814,7
@@
static bool_t site_incoming(void *sst, struct buffer_if *buf,
}
if (dest==st->index) {
/* Explicitly addressed to us */
}
if (dest==st->index) {
/* Explicitly addressed to us */
- if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True);
+ if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True
,True
);
switch (msgtype) {
case LABEL_NAK:
/* If the source is our current peer then initiate a key setup,
switch (msgtype) {
case LABEL_NAK:
/* If the source is our current peer then initiate a key setup,
@@
-1965,6
+1982,8
@@
static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
st->localname=dict_read_string(dict, "local-name", True, "site", loc);
st->remotename=dict_read_string(dict, "name", True, "site", loc);
st->localname=dict_read_string(dict, "local-name", True, "site", loc);
st->remotename=dict_read_string(dict, "name", True, "site", loc);
+ st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
+
st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
st->local_mobile=
dict_read_bool(dict,"local-mobile",False,"site",loc,False);
st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
st->local_mobile=
dict_read_bool(dict,"local-mobile",False,"site",loc,False);
@@
-2347,10
+2366,9
@@
void transport_xmit(struct site *st, transport_peers *peers,
int nfailed=0;
for (slot=0; slot<peers->npeers; slot++) {
transport_peer *peer=&peers->peers[slot];
int nfailed=0;
for (slot=0; slot<peers->npeers; slot++) {
transport_peer *peer=&peers->peers[slot];
+ bool_t ok = comm_addr_sendmsg(st, &peer->addr, buf);
if (candebug)
if (candebug)
- dump_packet(st, buf, &peer->addr, False);
- bool_t ok =
- peer->addr.comm->sendmsg(peer->addr.comm->st, buf, &peer->addr);
+ dump_packet(st, buf, &peer->addr, False, ok);
if (!ok) {
failed |= 1U << slot;
nfailed++;
if (!ok) {
failed |= 1U << slot;
nfailed++;
@@
-2372,12
+2390,14
@@
void transport_xmit(struct site *st, transport_peers *peers,
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
assert(wslot+nfailed == peers->npeers);
COPY_ARRAY(peers->peers+wslot, failedpeers, nfailed);
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
assert(wslot+nfailed == peers->npeers);
COPY_ARRAY(peers->peers+wslot, failedpeers, nfailed);
+ transport_peers_debug(st,peers,"mobile failure reorder",0,0,0);
}
} else {
if (failed && peers->npeers > 1) {
int wslot=0;
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
peers->npeers=wslot;
}
} else {
if (failed && peers->npeers > 1) {
int wslot=0;
transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
peers->npeers=wslot;
+ transport_peers_debug(st,peers,"non-mobile failure cleanup",0,0,0);
}
}
}
}
}
}
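Review bot: In the `LABEL_MSG7` case of `process_msg0`, the new keepalive branch starts a key setup on every teardown request from the peer and discards whatever `initiate_key_setup` returns, and nothing visible in the hunk bounds how often that can repeat. The added comment already expects the attempt to fail, so it should also name what paces the retries, since that logic is not on this page. If `initiate_key_setup` returns a success flag (its definition is outside the hunks shown), record the failure rather than dropping it: `if (st->keepalive && !initiate_key_setup(st,"peer requested key teardown",0)) slog(st,LOG_SETUP_INIT,"keepalive: key setup not started");`. The same unchecked call is added in `enter_state_run`, and both function bodies extend beyond the hunks.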