X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/c215a4bc817daf7b5631236c3c7b6a509479b034..1fc8a4acb3ef658696038c9c4bd3c155fbc27ac3:/site.c

diff --git a/site.c b/site.c
index 9ba1a28..dcac0ba 100644
--- a/site.c
+++ b/site.c
@@ -296,6 +296,7 @@ struct site {
 /* configuration information */
     string_t localname;
     string_t remotename;
+    bool_t keepalive;
     bool_t local_mobile, peer_mobile; /* Mobile client support */
     int32_t transport_peers_max;
     string_t tunname; /* localname<->remotename by default, used in logs */
@@ -304,6 +305,7 @@ struct site {
     uint32_t mtu_target;
     struct netlink_if *netlink;
     struct comm_if **comms;
+    struct comm_clientinfo **commclientinfos;
     int ncomms;
     struct resolver_if *resolver;
     struct log_if *log;
@@ -1146,6 +1148,10 @@ static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
     case LABEL_MSG7:
 	/* We must forget about the current session. */
 	delete_keys(st,"request from peer",LOG_SEC);
+	/* probably, the peer is shutting down, and this is going to fail,
+	 * but we need to be trying to bring the link up again */
+	if (st->keepalive)
+	    initiate_key_setup(st,"peer requested key teardown",0);
 	return True;
     case LABEL_MSG9:
 	/* Deliver to netlink layer */
@@ -1164,16 +1170,34 @@ static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
 }
 
 static void dump_packet(struct site *st, struct buffer_if *buf,
-			const struct comm_addr *addr, bool_t incoming)
+			const struct comm_addr *addr, bool_t incoming,
+			bool_t ok)
 {
     uint32_t dest=get_uint32(buf->start);
     uint32_t source=get_uint32(buf->start+4);
     uint32_t msgtype=get_uint32(buf->start+8);
 
     if (st->log_events & LOG_DUMP)
-	slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x:",
+	slilog(st->log,M_DEBUG,"%s: %s: %08x<-%08x: %08x: %s%s",
 	       st->tunname,incoming?"incoming":"outgoing",
-	       dest,source,msgtype);
+	       dest,source,msgtype,comm_addr_to_string(addr),
+	       ok?"":" - fail");
+}
+
+static bool_t comm_addr_sendmsg(struct site *st,
+				const struct comm_addr *dest,
+				struct buffer_if *buf)
+{
+    int i;
+    struct comm_clientinfo *commclientinfo = 0;
+
+    for (i=0; i < st->ncomms; i++) {
+	if (st->comms[i] == dest->comm) {
+	    commclientinfo = st->commclientinfos[i];
+	    break;
+	}
+    }
+    return dest->comm->sendmsg(dest->comm->st, buf, dest, commclientinfo);
 }
 
 static uint32_t site_status(void *st)
@@ -1427,6 +1451,9 @@ static void enter_state_run(struct site *st)
     memset(st->dhsecret,0,st->dh->len);
     memset(st->sharedsecret,0,st->sharedsecretlen);
     set_link_quality(st);
+
+    if (st->keepalive && !current_valid(st))
+	initiate_key_setup(st, "keepalive", 0);
 }
 
 static bool_t ensure_resolving(struct site *st)
@@ -1600,8 +1627,8 @@ static void generate_send_prod(struct site *st,
     slog(st,LOG_SETUP_INIT,"prodding peer for key exchange");
     st->allow_send_prod=0;
     generate_prod(st,&st->scratch);
-    dump_packet(st,&st->scratch,source,False);
-    source->comm->sendmsg(source->comm->st, &st->scratch, source);
+    bool_t ok = comm_addr_sendmsg(st, source, &st->scratch);
+    dump_packet(st,&st->scratch,source,False,ok);
 }
 
 static inline void site_settimeout(uint64_t timeout, int *timeout_io)
@@ -1734,7 +1761,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 	if (!named_for_us(st,buf,msgtype,&named_msg))
 	    return False;
 	/* It's a MSG1 addressed to us. Decide what to do about it. */
-	dump_packet(st,buf,source,True);
+	dump_packet(st,buf,source,True,True);
 	if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
 	    st->state==SITE_WAIT) {
 	    /* We should definitely process it */
@@ -1784,7 +1811,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
     if (msgtype==LABEL_PROD) {
 	if (!named_for_us(st,buf,msgtype,&named_msg))
 	    return False;
-	dump_packet(st,buf,source,True);
+	dump_packet(st,buf,source,True,True);
 	if (st->state!=SITE_RUN) {
 	    slog(st,LOG_DROP,"ignoring PROD when not in state RUN");
 	} else if (current_valid(st)) {
@@ -1797,7 +1824,7 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
     }
     if (dest==st->index) {
 	/* Explicitly addressed to us */
-	if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True);
+	if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True,True);
 	switch (msgtype) {
 	case LABEL_NAK:
 	    /* If the source is our current peer then initiate a key setup,
@@ -1965,6 +1992,8 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->localname=dict_read_string(dict, "local-name", True, "site", loc);
     st->remotename=dict_read_string(dict, "name", True, "site", loc);
 
+    st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
+
     st->peer_mobile=dict_read_bool(dict,"mobile",False,"site",loc,False);
     st->local_mobile=
 	dict_read_bool(dict,"local-mobile",False,"site",loc,False);
@@ -2014,6 +2043,14 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
 
     GET_CLOSURE_LIST("comm",comms,ncomms,CL_COMM);
 
+    NEW_ARY(st->commclientinfos, st->ncomms);
+    dict_t *comminfo = dict_read_dict(dict,"comm-info",False,"site",loc);
+    for (i=0; i<st->ncomms; i++) {
+	st->commclientinfos[i] =
+	    !comminfo ? 0 :
+	    st->comms[i]->clientinfo(st->comms[i],comminfo,loc);
+    }
+
     st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
     st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
     st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
@@ -2347,10 +2384,9 @@ void transport_xmit(struct site *st, transport_peers *peers,
     int nfailed=0;
     for (slot=0; slot<peers->npeers; slot++) {
 	transport_peer *peer=&peers->peers[slot];
+	bool_t ok = comm_addr_sendmsg(st, &peer->addr, buf);
 	if (candebug)
-	    dump_packet(st, buf, &peer->addr, False);
-	bool_t ok =
-	    peer->addr.comm->sendmsg(peer->addr.comm->st, buf, &peer->addr);
+	    dump_packet(st, buf, &peer->addr, False, ok);
 	if (!ok) {
 	    failed |= 1U << slot;
 	    nfailed++;
@@ -2372,12 +2408,14 @@ void transport_xmit(struct site *st, transport_peers *peers,
 	    transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
 	    assert(wslot+nfailed == peers->npeers);
 	    COPY_ARRAY(peers->peers+wslot, failedpeers, nfailed);
+	    transport_peers_debug(st,peers,"mobile failure reorder",0,0,0);
 	}
     } else {
 	if (failed && peers->npeers > 1) {
 	    int wslot=0;
 	    transport_peers__copy_by_mask(peers->peers,&wslot,~failed,peers);
 	    peers->npeers=wslot;
+	    transport_peers_debug(st,peers,"non-mobile failure cleanup",0,0,0);
 	}
     }
 }