Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1

Conflicts: src/net.c src/net_packet.c src/net_socket.c
2012-02-23 13:26:01 +01:00 · 2012-02-23 13:26:01 +01:00 · f5dc136cfd
commit f5dc136cfd
parent 3fba80174d 5a28aa7b8b
8 changed files with 67 additions and 7 deletions
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@ -335,6 +335,18 @@ This option controls the period the encryption keys used to encrypt the data are
 It is common practice to change keys at regular intervals to make it even harder for crackers,
 even though it is thought to be nearly impossible to crack a single key.

+.It Va LocalDiscovery Li = yes | no Po no Pc Bq experimental
+When enabled,
+.Nm tinc
+will try to detect peers that are on the same local network.
+This will allow direct communication using LAN addresses, even if both peers are behind a NAT
+and they only ConnectTo a third node outside the NAT,
+which normally would prevent the peers from learning each other's LAN address.
+
+.Pp
+Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
+This feature may not work in all possible situations.
+
 .It Va MACExpire Li = Ar seconds Pq 600
 This option controls the amount of time MAC addresses are kept before they are removed.
 This only has effect when
--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@ -961,6 +961,16 @@ Depending on the operating system and the type of device this may or may not act
 Under Windows, this variable is used to select which network interface will be used.
 If you specified a Device, this variable is almost always already correctly set.

+@cindex LocalDiscovery
+@item LocalDiscovery = <yes | no> (no) [experimental]
+When enabled, tinc will try to detect peers that are on the same local network.
+This will allow direct communication using LAN addresses, even if both peers are behind a NAT
+and they only ConnectTo a third node outside the NAT,
+which normally would prevent the peers from learning each other's LAN address.
+
+Currently, local discovery is implemented by sending broadcast packets to the LAN during path MTU discovery.
+This feature may not work in all possible situations.
+
@cindex Mode
@item Mode = <router|switch|hub> (router)
 This option selects the way packets are routed to other daemons.
--- a/src/graph.c
+++ b/src/graph.c
@ -239,6 +239,7 @@ void sssp_bfs(void) {
 	myself->status.visited = true;
 	myself->status.indirect = false;
 	myself->nexthop = myself;
+	myself->prevedge = NULL;
 	myself->via = myself;
 	list_insert_head(todo_list, myself);

@ -279,6 +280,7 @@ void sssp_bfs(void) {
 			e->to->status.visited = true;
 			e->to->status.indirect = indirect;
 			e->to->nexthop = (n->nexthop == myself) ? e->to : n->nexthop;
+			e->to->prevedge = e;
 			e->to->via = indirect ? n->via : e->to;
 			e->to->options = e->options;

--- a/src/net.h
+++ b/src/net.h
@ -109,6 +109,7 @@ extern int maxoutbufsize;
 extern int seconds_till_retry;
 extern int addressfamily;
 extern unsigned replaywin;
+extern bool localdiscovery;

 extern listen_socket_t listen_socket[MAXSOCKETS];
 extern int listen_sockets;
--- a/src/net_packet.c
+++ b/src/net_packet.c
@ -62,13 +62,21 @@ static char lzo_wrkmem[LZO1X_999_MEM_COMPRESS > LZO1X_1_MEM_COMPRESS ? LZO1X_999
 static void send_udppacket(node_t *, vpn_packet_t *);

 unsigned replaywin = 16;
+bool localdiscovery = false;

 #define MAX_SEQNO 1073741824

-// mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
-// mtuprobes ==    31: sleep pinginterval seconds
-// mtuprobes ==    32: send 1 burst, sleep pingtimeout second
-// mtuprobes ==    33: no response from other side, restart PMTU discovery process
+/* mtuprobes == 1..30: initial discovery, send bursts with 1 second interval
+   mtuprobes ==    31: sleep pinginterval seconds
+   mtuprobes ==    32: send 1 burst, sleep pingtimeout second
+   mtuprobes ==    33: no response from other side, restart PMTU discovery process
+
+   Probes are sent in batches of three, with random sizes between the lower and
+   upper boundaries for the MTU thus far discovered.
+
+   In case local discovery is enabled, a fourth packet is added to each batch,
+   which will be broadcast to the local network.
+*/

 static void send_mtu_probe_handler(int fd, short events, void *data) {
 	node_t *n = data;
@ -119,7 +127,7 @@ static void send_mtu_probe_handler(int fd, short events, void *data) {
 		timeout = pingtimeout;
 	}

-	for(i = 0; i < 3; i++) {
+	for(i = 0; i < 3 + localdiscovery; i++) {
 		if(n->maxmtu <= n->minmtu)
 			len = n->maxmtu;
 		else
@ -131,7 +139,7 @@ static void send_mtu_probe_handler(int fd, short events, void *data) {
 		memset(packet.data, 0, 14);
 		randomize(packet.data + 14, len - 14);
 		packet.len = len;
-		packet.priority = 0;
+		packet.priority = i < 3 ? 0 : -1;

 		ifdebug(TRAFFIC) logger(LOG_INFO, "Sending MTU probe length %d to %s (%s)", len, n->name, n->hostname);

@ -473,6 +481,29 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {

 	/* Send the packet */

+	struct sockaddr *sa;
+	socklen_t sl;
+	int sock;
+
+	/* Overloaded use of priority field: -1 means local broadcast */
+
+	if(origpriority == -1 && n->prevedge) {
+		struct sockaddr_in in;
+		in.sin_family = AF_INET;
+		in.sin_addr.s_addr = -1;
+		in.sin_port = n->prevedge->address.in.sin_port;
+		sa = (struct sockaddr *)&in;
+		sl = sizeof in;
+		sock = 0;
+	} else {
+		if(origpriority == -1)
+			origpriority = 0;
+
+		sa = &(n->address.sa);
+		sl = SALEN(n->address.sa);
+		sock = n->sock;
+	}
+
 #if defined(SOL_IP) && defined(IP_TOS)
 	if(priorityinheritance && origpriority != priority
 	   && listen_socket[n->sock].sa.sa.sa_family == AF_INET) {
@ -483,7 +514,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
 	}
 #endif

-	if(sendto(listen_socket[n->sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, &(n->address.sa), SALEN(n->address.sa)) < 0 && !sockwouldblock(sockerrno)) {
+	if(sendto(listen_socket[sock].udp, (char *) &inpkt->seqno, inpkt->len, 0, sa, sl) < 0 && !sockwouldblock(sockerrno)) {
 		if(sockmsgsize(sockerrno)) {
 			if(n->maxmtu >= origlen)
 				n->maxmtu = origlen - 1;
@ -593,6 +624,7 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
 	if(hard)
 		last_hard_try = now;

+	last_hard_try = now;
 	return n;
 }

--- a/src/net_setup.c
+++ b/src/net_setup.c
@ -433,6 +433,7 @@ static bool setup_myself(void) {
 	get_config_bool(lookup_config(config_tree, "DirectOnly"), &directonly);
 	get_config_bool(lookup_config(config_tree, "StrictSubnets"), &strictsubnets);
 	get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
+	get_config_bool(lookup_config(config_tree, "LocalDiscovery"), &localdiscovery);
 	strictsubnets |= tunnelserver;

 	if(get_config_string(lookup_config(config_tree, "Mode"), &mode)) {
--- a/src/net_socket.c
+++ b/src/net_socket.c
@ -210,6 +210,7 @@ int setup_vpn_in_socket(const sockaddr_t *sa) {

 	option = 1;
 	setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, (void *)&option, sizeof option);
+	setsockopt(nfd, SOL_SOCKET, SO_BROADCAST, (void *)&option, sizeof option);

 	if(udp_rcvbuf && setsockopt(nfd, SOL_SOCKET, SO_RCVBUF, (void *)&udp_rcvbuf, sizeof(udp_rcvbuf)))
 		logger(LOG_WARNING, "Can't set UDP SO_RCVBUF to %i: %s", udp_rcvbuf, strerror(errno));
--- a/src/node.h
+++ b/src/node.h
@ -64,6 +64,7 @@ typedef struct node_t {

 	int distance;
 	struct node_t *nexthop;			/* nearest node from us to him */
+	struct edge_t *prevedge;		/* nearest node from him to us */
 	struct node_t *via;			/* next hop for UDP packets */

 	splay_tree_t *subnet_tree;		/* Pointer to a tree of subnets belonging to this node */