/*
* OpenConnect (SSL + DTLS) VPN client
*
- * Copyright © 2008-2010 Intel Corporation.
+ * Copyright © 2008-2011 Intel Corporation.
*
* Author: David Woodhouse <dwmw2@infradead.org>
*
* Boston, MA 02110-1301 USA
*/
-#define _POSIX_SOURCE
#include <errno.h>
#include <poll.h>
#include <limits.h>
#include <sys/select.h>
+#include <stdlib.h>
#include <signal.h>
-#include <arpa/inet.h>
#include <unistd.h>
#include <string.h>
-#include <openssl/ssl.h>
-
#include "openconnect-internal.h"
void queue_packet(struct pkt **q, struct pkt *new)
struct timeval tv;
fd_set rfds, wfds, efds;
-#ifdef SSL_OP_CISCO_ANYCONNECT
+#ifdef HAVE_DTLS
if (vpninfo->new_dtls_ssl)
dtls_try_handshake(vpninfo);
/* Called when the socket is unwritable, to get the deadline for DPD.
Returns 1 if DPD deadline has already arrived. */
-int ka_stalled_dpd_time(struct keepalive_info *ka, int *timeout)
+int ka_stalled_action(struct keepalive_info *ka, int *timeout)
{
- time_t now, due;
+ time_t due, now = time(NULL);
+
+ if (ka->rekey) {
+ due = ka->last_rekey + ka->rekey;
+
+ if (now >= due)
+ return KA_REKEY;
+
+ if (*timeout > (due - now) * 1000)
+ *timeout = (due - now) * 1000;
+ }
if (!ka->dpd)
- return 0;
+ return KA_NONE;
- time(&now);
due = ka->last_rx + (2 * ka->dpd);
if (now > due)
- return 1;
+ return KA_DPD_DEAD;
if (*timeout > (due - now) * 1000)
*timeout = (due - now) * 1000;
- return 0;
+ return KA_NONE;
}
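Review bot: The comment above ka_stalled_action() still documents the old contract ("to get the deadline for DPD. Returns 1 if DPD deadline has already arrived"), but the new body also tracks the rekey deadline and returns KA_REKEY, KA_DPD_DEAD or KA_NONE. A caller written against that comment would test for 1 or for non-zero and could treat a due rekey as a dead peer; the KA_* values themselves are not visible here. I would reword it along the lines of `/* Called when the socket is unwritable, to get the next rekey/DPD deadline. Returns KA_REKEY if a rekey is due, KA_DPD_DEAD if the DPD deadline has passed, else KA_NONE. */`. Separately, `(due - now) * 1000` is computed in time_t, so on a platform where time_t is 32 bits a large `ka->rekey` could overflow the multiplication. If that interval can be set by the peer (not shown on this page), skipping the update when `due - now` exceeds `INT_MAX / 1000` would keep the arithmetic in range. The rekey branch fires on `now >= due` while the DPD branch uses `now > due`; if the difference is deliberate, a short comment saying so would help.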