diff options
author | Alberto Gonzalez Iniesta <agi@inittab.org> | 2012-11-05 16:28:10 +0100 |
---|---|---|
committer | Alberto Gonzalez Iniesta <agi@inittab.org> | 2012-11-05 16:28:10 +0100 |
commit | d213c4e5576e2fd601679e0d7b2fb1262b807111 (patch) | |
tree | 5f0cc82bd0f11fb13b385417604d04c751245a92 /src/openvpn/ping.c | |
parent | 79c8d3ef7a938f86472e549ef64e1fb820dc80c4 (diff) | |
parent | 8dd0350e1607aa30f7a043c8d5ec7a7eeb874115 (diff) |
Merge tag 'upstream/2.3_rc1'
Upstream version 2.3_rc1
Diffstat (limited to 'src/openvpn/ping.c')
-rw-r--r-- | src/openvpn/ping.c | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/src/openvpn/ping.c b/src/openvpn/ping.c new file mode 100644 index 0000000..6dc0b4e --- /dev/null +++ b/src/openvpn/ping.c @@ -0,0 +1,98 @@ +/* + * OpenVPN -- An application to securely tunnel IP networks + * over a single TCP/UDP port, with support for SSL/TLS-based + * session authentication and key exchange, + * packet encryption, packet authentication, and + * packet compression. + * + * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#elif defined(_MSC_VER) +#include "config-msvc.h" +#endif + +#include "syshead.h" + +#include "ping.h" + +#include "memdbg.h" + +#include "ping-inline.h" + +/* + * This random string identifies an OpenVPN ping packet. + * It should be of sufficient length and randomness + * so as not to collide with other tunnel data. + * + * PING_STRING_SIZE must be sizeof (ping_string) + */ +const uint8_t ping_string[] = { + 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb, + 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 +}; + +/* + * Should we exit or restart due to ping (or other authenticated packet) + * not received in n seconds? + */ +void +check_ping_restart_dowork (struct context *c) +{ + struct gc_arena gc = gc_new (); + switch (c->options.ping_rec_timeout_action) + { + case PING_EXIT: + msg (M_INFO, "%sInactivity timeout (--ping-exit), exiting", + format_common_name (c, &gc)); + c->sig->signal_received = SIGTERM; + c->sig->signal_text = "ping-exit"; + break; + case PING_RESTART: + msg (M_INFO, "%sInactivity timeout (--ping-restart), restarting", + format_common_name (c, &gc)); + c->sig->signal_received = SIGUSR1; /* SOFT-SIGUSR1 -- Ping Restart */ + c->sig->signal_text = "ping-restart"; + break; + default: + ASSERT (0); + } + gc_free (&gc); +} + +/* + * Should we ping the remote? + */ +void +check_ping_send_dowork (struct context *c) +{ + c->c2.buf = c->c2.buffers->aux_buf; + ASSERT (buf_init (&c->c2.buf, FRAME_HEADROOM (&c->c2.frame))); + ASSERT (buf_safe (&c->c2.buf, MAX_RW_SIZE_TUN (&c->c2.frame))); + ASSERT (buf_write (&c->c2.buf, ping_string, sizeof (ping_string))); + + /* + * We will treat the ping like any other outgoing packet, + * encrypt, sign, etc. + */ + encrypt_sign (c, true); + /* Set length to 0, so it won't be counted as activity */ + c->c2.buf.len = 0; + dmsg (D_PING, "SENT PING"); +} |