/*
* OpenConnect (SSL + DTLS) VPN client
*
- * Copyright © 2008-2010 Intel Corporation.
+ * Copyright © 2008-2011 Intel Corporation.
*
* Author: David Woodhouse <dwmw2@infradead.org>
*
#include <poll.h>
#include <limits.h>
#include <sys/select.h>
+#include <stdlib.h>
#include <signal.h>
-#include <arpa/inet.h>
#include <unistd.h>
#include <string.h>
-#include <openssl/ssl.h>
-
-#include "openconnect.h"
+#include "openconnect-internal.h"
void queue_packet(struct pkt **q, struct pkt *new)
{
struct timeval tv;
fd_set rfds, wfds, efds;
-#ifdef SSL_F_DTLS1_CONNECT
+#ifdef HAVE_DTLS
if (vpninfo->new_dtls_ssl)
dtls_try_handshake(vpninfo);
if (vpninfo->dtls_attempt_period && !vpninfo->dtls_ssl && !vpninfo->new_dtls_ssl &&
vpninfo->new_dtls_started + vpninfo->dtls_attempt_period < time(NULL)) {
- vpninfo->progress(vpninfo, PRG_TRACE, "Attempt new DTLS connection\n");
+ vpn_progress(vpninfo, PRG_TRACE, _("Attempt new DTLS connection\n"));
connect_dtls_socket(vpninfo);
}
if (vpninfo->dtls_ssl)
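Review bot: Wrapping these messages in `_()` makes the format string come from the translation catalog, and nothing visible in this hunk shows that `vpn_progress` is checked as a printf-style function. This applies to the "Attempt new DTLS connection" call here and, more importantly, to the later `_("No work to do; sleeping for %d ms...\n")` call, which takes an `int` argument. A catalog entry whose conversions do not match the arguments would be undefined behaviour at runtime, so I would put a printf `format` attribute on whatever `vpn_progress` resolves to (its declaration is outside this page) and run `msgfmt --check-format` on the catalogs during the build. The enclosing function starts and ends outside the hunk.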
if (did_work)
continue;
- vpninfo->progress(vpninfo, PRG_TRACE,
- "Did no work; sleeping for %d ms...\n", timeout);
+ vpn_progress(vpninfo, PRG_TRACE,
+ _("No work to do; sleeping for %d ms...\n"), timeout);
memcpy(&rfds, &vpninfo->select_rfds, sizeof(rfds));
memcpy(&wfds, &vpninfo->select_wfds, sizeof(wfds));
memcpy(&efds, &vpninfo->select_efds, sizeof(efds));
/* Called when the socket is unwritable, to get the deadline for DPD.
Returns 1 if DPD deadline has already arrived. */
-int ka_stalled_dpd_time(struct keepalive_info *ka, int *timeout)
+int ka_stalled_action(struct keepalive_info *ka, int *timeout)
{
- time_t now, due;
+ time_t due, now = time(NULL);
+
+ if (ka->rekey) {
+ due = ka->last_rekey + ka->rekey;
+
+ if (now >= due)
+ return KA_REKEY;
+
+ if (*timeout > (due - now) * 1000)
+ *timeout = (due - now) * 1000;
+ }
if (!ka->dpd)
- return 0;
+ return KA_NONE;
- time(&now);
due = ka->last_rx + (2 * ka->dpd);
if (now > due)
- return 1;
+ return KA_DPD_DEAD;
if (*timeout > (due - now) * 1000)
*timeout = (due - now) * 1000;
- return 0;
+ return KA_NONE;
}