-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconnections.c
1126 lines (1040 loc) · 32.4 KB
/
connections.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/ip_icmp.h>
#include "connections.h"
#include "context.h"
#include "log.h"
#include "sidecar.h"
#include "pmdb.h"
#include "pmdb_echoidcache.h"
static int update_old_data(struct connection * con, struct iphdr *,struct tcphdr *tcp);
static connection * connection_lookup_by_icmp_ping(struct tapcontext *ctx, iphdr *ip, struct icmp_header *,int len);
static connection * connection_lookup_by_icmp_in_icmp(struct tapcontext *ctx, iphdr *ip, iphdr * real_ip,int len);
// static connection * connection_lookup_by_id(int);
char * connection_statestr[]={
"UNKNOWN",
"SYNSENT",
"SYNACKSENT",
"CONNECTED",
"CLOSED",
"TIMEWAIT",
"REMOTECLOSE"
};
struct timestamp_bucket // used to store timestamps, for RTT calculations
{
u32 value;
struct timeval sentTime;
struct timestamp_bucket * next, *prev;
};
static int ConnectionID=0;
static int IP_ID_COUNTER=0;
/******************************************************************
* connection * connection_create(struct tapcontext *, unsigned int dstip, unsigned short dport);
* create a connection struct, fill in values, insert into the hash lookup table
*/
connection * connection_create(struct tapcontext *ctx, iphdr *ip, tcphdr *tcp)
{
connection *c;
unsigned int remoteip,lseq,rseq;
unsigned short rport,lport;
unsigned short hash;
char remoteIPbuf[BUFLEN];
int lwindow,rwindow;
int srcIsRemote;
if(tcp->rst || tcp->fin)
return NULL; // don't create connections where the first packet we see
// is a fin or rst
if((!tcp->syn)&&(ntohs(ip->tot_len)==((ip->ihl+tcp->doff)*4)))
return NULL; // don't start a new connection until we see data or a syn packet
// this prevents spurious connections being created from the final
// part of a three way close
c = (connection *) malloc_and_test(sizeof(connection));
if(c==NULL)
{
perror("connection_create::malloc");
abort();
}
memset(c,0,sizeof(connection));
if(ip->saddr == ctx->localIP)
{
remoteip=ip->daddr;
rport=ntohs(tcp->dest);
lport=ntohs(tcp->source);
lseq = ntohl(tcp->seq);
rseq = ntohl(tcp->ack_seq);
lwindow=ntohs(tcp->window);
c->l_ip_id=ip->id; // don't switch to host byte order
c->ackrecved=0;
rwindow=-1;
srcIsRemote=0;
} else {
remoteip=ip->saddr;
rport=ntohs(tcp->source);
lport=ntohs(tcp->dest);
lseq = ntohl(tcp->ack_seq);
rseq = ntohl(tcp->seq);
rwindow=ntohs(tcp->window);
c->l_ip_id=0;
if(tcp->ack)
c->ackrecved=ntohl(tcp->ack_seq);
lwindow=-1;
srcIsRemote=1;
}
// fill in values
c->magic=CONMAGIC;
c->remoteIP=remoteip;
c->rport=rport;
c->lport=lport;
c->lSeq=lseq;
c->rSeq=rseq;
c->refcount=1;
c->lWindow=MAX(lwindow,0);
c->rWindow=MAX(rwindow,0);
c->idletimerId=-1; // no idle timer yet
c->idletimeout=0; // no idle timer yet
if(srcIsRemote)
c->remoteTTL=ip->ttl;
else
c->remoteTTL=-1; // needs to be set latter
c->oldDataMax=CONNECTION_DEFAULT_OLD_DATA; // circular buffer
c->oldData = malloc_and_test(c->oldDataMax);
assert(c->oldData);
c->oldDataIndex=c->oldDataFull=0;
c->timewaitCallback=NULL;
c->icmpInCallback=NULL;
c->icmpOutCallback=NULL;
c->inpacketsCallback=NULL;
c->outpacketsCallback=NULL;
c->closedconnectionCallback=NULL;
c->tsb_head=c->tsb_tail=NULL;
c->mostRecentTimestamp=0;
c->rtt=c->rtt_estimates=0; // zero rtt info
c->mdevrtt=3000000; // TCP Illustrated Vol I, p. 305,
// init mdev=3seconds
memset(c->probeTracking,0,NPROBES); // zero probe tracking data
#ifdef REENTRANT
c->lock = (pthread_mutex_t *) malloc_and_test(sizeof(pthread_mutex_t));
assert(c->lock);
pthread_mutex_init(c->lock,NULL);
#endif
if(tcp->syn)
{
if(tcp->ack)
c->state=SYNACKSENT;
else
c->state=SYNSENT;
} else
c->state=CONNECTED;
hash = mkhash(remoteip,rport);
// add to hash list
#ifdef REENTRANT
pthread_mutex_lock(ctx->lock);
#endif
c->next = ctx->connections[hash];
ctx->connections[hash]=c;
// add to connection list
c->connext = ctx->conhead;
c->conprev=NULL;
if(c->connext)
c->connext->conprev=c;
ctx->conhead = c;
#ifdef REENTRANT
pthread_mutex_unlock(ctx->lock);
#endif
c->id=ConnectionID++;
// log and return
inet_ntop(AF_INET,&remoteip,remoteIPbuf,BUFLEN);
sidecarlog(LOGDEBUG,"New connection from %s:%d state %s :: con id %d\n",remoteIPbuf,rport,connection_statestr[c->state], c->id);
SidecarCtx->nOpenConnections++;
return c;
}
/****************************************************************
* int connection_inc_ref(struct connection * con);
* increment the refernce counter for making a copy of the connection
*/
int connection_inc_ref(struct connection * con)
{
assert(con);
assert(con->magic==CONMAGIC);
sidecarlog(LOGDEBUG2," connection id %d inc: new refcount %d\n",con->id,++con->refcount);
return con->refcount;
}
/****************************************************************
* int mkhash(unsigned int ip, unsigned short port);
* hash the three bytes, and return something in [0,HASHSIZE]
*/
int mkhash(unsigned int ip, unsigned short port)
{
unsigned short hash;
hash = ((ip &0xffff0000)>>16)^(ip&0x0000ffff)^port;
return hash;
}
/****************************************************************
* connection * connection_lookup(tapcontext *, unsigned int dstip, unsigned short dst port);
* look in the linked list at ctx->connections[hash] to see if a connection matching the dstip:dport pair exists
* if yes, return it
* if no, return NULL
*/
connection * connection_lookup(tapcontext *ctx, iphdr *ip, tcphdr *tcp)
{
connection * c;
unsigned int remoteip;
unsigned short rport;
unsigned short hash;
if(ip->saddr == ctx->localIP)
{
remoteip=ip->daddr;
rport = ntohs(tcp->dest);
} else {
remoteip=ip->saddr;
rport = ntohs(tcp->source);
}
hash = mkhash(remoteip,rport);
c = ctx->connections[hash];
#ifdef REENTRANT
pthread_mutex_lock(ctx->lock);
#endif
while(c)
{
if((c->remoteIP == remoteip)&&(c->rport==rport))
break;
c= c->next;
}
#ifdef REENTRANT
pthread_mutex_unlock(ctx->lock);
#endif
if(c)
assert(c->magic==CONMAGIC);
return c; // either we found it, and this is valid, or we didn't find, and it's NULL
}
/****************************************************************
* connection * connection_lookup_by_icmp(struct tapcontext *, iphdr *ip);
* delve into the icmp packet and look up
* in the linked list at ctx->connections[hash] to see if a connection matching the dstip:dport pair exists
* if yes, return it
* if no, return NULL
*
*/
connection * connection_lookup_by_icmp(struct tapcontext *ctx, iphdr *ip, int len)
{
connection * c;
struct icmp_header * icmp;
struct tcphdr *tcp;
struct iphdr *real_ip;
unsigned int remoteip;
unsigned short rport;
unsigned short hash;
char srcbuf[BUFLEN],dstbuf[BUFLEN];
inet_ntop(AF_INET,&ip->saddr,srcbuf,BUFLEN);
inet_ntop(AF_INET,&ip->daddr,dstbuf,BUFLEN);
icmp = (struct icmp_header *)((unsigned char *)ip+ ip->ihl*4);
if((icmp->type == ICMP_ECHO)||(icmp->type == ICMP_ECHOREPLY))
return connection_lookup_by_icmp_ping(ctx,ip,icmp,len); // special case
if((icmp->type !=ICMP_TIME_EXCEEDED)&&(icmp->type!=ICMP_DEST_UNREACH)&&(icmp->type!=ICMP_PARAMETERPROB))
{
sidecarlog(LOGCRIT,"connection_lookup_by_icmp:: got icmp type,code= %d %d; from %s to %s handling not implemented\n",
icmp->type,icmp->code, srcbuf,dstbuf);
return NULL;
}
if(len < (2*sizeof(struct iphdr)+8+8)) // 2 ip headers + 8 byte icmp + 8 bytes of ip payload
{
sidecarlog(LOGDEBUG,"connection_lookup_by_icmp:: from %s to %s the captured packet length %d is less than %d: bad!\n",
srcbuf,dstbuf,len, 2*sizeof(struct iphdr)+4+8);
return NULL;
}
real_ip = (struct iphdr *)((unsigned char*) icmp + 8); // 8 is the magic offset into the ICMP data
if(real_ip->protocol == IPPROTO_ICMP)
return connection_lookup_by_icmp_in_icmp(ctx,ip,real_ip,len);
if(real_ip->protocol != IPPROTO_TCP) // don't know how to handle anything else
{
sidecarlog(LOGCRIT,"weird: got an icmp response (type=%d,code=%d) from a ipprot %d packet\n",
icmp->type,icmp->code,real_ip->protocol);
return (connection *)NULL;
}
tcp = (struct tcphdr *)((unsigned char*) real_ip +4*real_ip->ihl);
// now real_ip and tcp should point to the *bounced* packet's ip and tcp headers
// NOTE that only the first 8 bytes of the tcp header are valid, but that is all we need
if(real_ip->saddr == ctx->localIP)
{
remoteip=real_ip->daddr;
rport = ntohs(tcp->dest);
} else {
remoteip=real_ip->saddr;
rport = ntohs(tcp->source);
}
hash = mkhash(remoteip,rport);
c = ctx->connections[hash];
#ifdef REENTRANT
pthread_mutex_lock(ctx->lock);
#endif
while(c)
{
if((c->remoteIP == remoteip)&&(c->rport==rport))
break;
c= c->next;
}
#ifdef REENTRANT
pthread_mutex_unlock(ctx->lock);
#endif
if(c)
assert(c->magic==CONMAGIC);
else
{
sidecarlog(LOGDEBUG," got ICMP packet for unknown connection from %s to %s\n",
srcbuf,dstbuf);
}
return c; // either we found it, and this is valid, or we didn't find, and it's NULL
}
/*****************************************************************************************************
* static connection * connection_lookup_by_icmp_in_icmp(struct tapcontext *ctx, iphdr *ip, iphdr * real_ip,int len);
* we have an ICMP time-exceeded style bounce of an ICMP packet;
* look for packet_tag_by_connection() markings
*/
static connection * connection_lookup_by_icmp_in_icmp(struct tapcontext *ctx, iphdr *ip, iphdr * real_ip,int len)
{
struct icmp_header * icmp;
char srcbuf[BUFLEN],dstbuf[BUFLEN];
connection * c;
int id;
void * key;
inet_ntop(AF_INET,&ip->saddr,srcbuf,BUFLEN);
inet_ntop(AF_INET,&ip->daddr,dstbuf,BUFLEN);
icmp = (struct icmp_header *)((unsigned char *)real_ip + real_ip->ihl*4);
if(icmp->un.echo.id != ntohs(getpid()))
{
sidecarlog(LOGDEBUG," ignoring non-pid matching ICMP packet in ICMP"
" bounce for unknown connection from %s to %s\n",
srcbuf,dstbuf);
return NULL;
}
id = ntohs(icmp->un.echo.sequence);
key = pmdb_echoidcache_echo2data(id);
c = (connection *)pmdb_lookup(SidecarCtx->echoidcache,key);
if(c)
{
// pmdb_delete(SidecarCtx->echoidcache,key); // we will see it twice; don't delete(not sure what to do: is mem leak)
assert(c->magic==CONMAGIC);
}
else
{
sidecarlog(LOGDEBUG," got ICMP packet in ICMP bounce for unknown connection from %s to %s: echo.seq=%d\n",
srcbuf,dstbuf,id);
}
free(key);
return c; // either we found it, and this is valid, or we didn't find, and it's NULL
}
/****************************************************************
* connection * connection_lookup_by_icmp_ping(struct tapcontext *, iphdr *ip,struct icmp_header *icmp, int len);
* delve into the icmp packet payload, and match on CON_MAGIC_STR
* to look for connection in ctx->connections[hash] to see if a connection matching the dstip:dport pair exists
* if yes, return it
* if no, return NULL
*
*
*
*/
connection * connection_lookup_by_icmp_ping(struct tapcontext *ctx, iphdr *ip,struct icmp_header *icmp, int len)
{
pid_t pid;
connection * c;
char srcbuf[BUFLEN],dstbuf[BUFLEN];
int id;
void *key;
inet_ntop(AF_INET,&ip->saddr,srcbuf,BUFLEN);
inet_ntop(AF_INET,&ip->daddr,dstbuf,BUFLEN);
pid = getpid();
if( pid != ntohs(icmp->un.echo.id))
{
sidecarlog(LOGDEBUG,"connection_lookup_by_icmp:: ignoring PING packets from %s to %s type=%d code=%d: pid %d != id %d\n",
srcbuf,dstbuf,icmp->type,icmp->code,pid,ntohs(icmp->un.echo.id));
return NULL;
}
id = ntohs(icmp->un.echo.sequence);
key = pmdb_echoidcache_echo2data(id);
c = (connection *)pmdb_lookup(SidecarCtx->echoidcache,key);
if(c)
{
// pmdb_delete(SidecarCtx->echoidcache,key);
assert(c->magic==CONMAGIC);
}
else
{
sidecarlog(LOGDEBUG," got ICMP PING packet for unknown connection from %s to %s echo.seq=%d id=%d(%d)\n",
srcbuf,dstbuf,id,ntohs(ip->id),ip->id);
}
free(key);
return c; // either we found it, and this is valid, or we didn't find, and it's NULL
}
/******************************************************************************************
* int connection_update(struct tapcontext *, connection *c, iphdr *ip,tcphdr * tcp);
* update the given connection's information given a new packet
* return 1 if the state has changed
* else return 0
* FIXME: PAWS
*/
int connection_update(struct tapcontext *ctx,connection * c, iphdr *ip,tcphdr * tcp)
{
unsigned int lseq, rseq;
int lwindow, rwindow;
int oldstate;
char remoteIPbuf[BUFLEN];
int sourceIsLocal;
assert(c != NULL);
assert(c->magic==CONMAGIC);
lwindow=rwindow=-1;
// we have a valid existing connection in c
// figure out which side is local/remote
if((ip->saddr == ctx->localIP)&&(ntohs(tcp->source)==c->lport))
{
lseq=ntohl(tcp->seq)+ntohs(ip->tot_len)-4*(ip->ihl+tcp->doff); // SEQ+datalen
rseq=ntohl(tcp->ack_seq);
lwindow=ntohs(tcp->window);
sourceIsLocal=1;
c->l_ip_id=ip->id; // don't switch to host byte order
}
else
{
rseq=ntohl(tcp->seq)+ntohs(ip->tot_len)-4*(ip->ihl+tcp->doff); // SEQ+datalen
lseq=ntohl(tcp->ack_seq);
rwindow=ntohs(tcp->window);
if((tcp->ack)&&(ntohl(tcp->ack_seq)>c->ackrecved))
c->ackrecved=ntohl(tcp->ack_seq); // they acked new data
// FIXME not sure how to handle PAWS here
sourceIsLocal=0;
if(c->remoteTTL==-1)
c->remoteTTL=ip->ttl; // this hasn't been set yet
}
// save old state
oldstate=c->state;
if(c->state==CLOSED) // don't do any further updates on closed connections
return 0;
// update sequence space
if(lseq>c->lSeq)
{
c->lSeq=lseq;
if(lwindow!=-1)
c->lWindow=lwindow;
if(sourceIsLocal) // copy any new data to a buffer for reuse later
update_old_data(c,ip,tcp);
}
if(sourceIsLocal && c->oldDataIndex==0) // HACK: what can happen on planetlab is packets
update_old_data(c,ip,tcp); // arrive out of order, so the ACK for the data
// can arrive before the data, preventing the
// block before this from getting called
if(rseq>c->rSeq)
{
c->rSeq=rseq;
if(rwindow!=-1)
c->rWindow=rwindow;
}
// shortcut rst flag handling
// always just go to CLOSED
if(tcp->rst )
{
c->state = CLOSED;
inet_ntop(AF_INET,&c->remoteIP,remoteIPbuf,BUFLEN);
if(!sourceIsLocal)
{
sidecarlog(LOGDEBUG,"Closing connection %d by RST from %s:%d: newstate %s oldstate %s\n",
c->id,remoteIPbuf,c->rport,connection_statestr[c->state],
connection_statestr[oldstate]);
}
else
{
sidecarlog(LOGDEBUG,"Closing connection %d by local RST sent to %s:%d: newstate %s oldstate%s\n",
c->id,remoteIPbuf,c->rport,connection_statestr[c->state], connection_statestr[oldstate]);
}
return c->state!=oldstate; // if the connection just closed, return 1, otherwise 0
}
// shortcut fin flag handling
// IF sourceIsLocal
// IF oldstate==REMOTECLOSE, go to TIMEWAIT
// ELSE go to CLOSED
// ELSE
// go to REMOTECLOSE
if(tcp->fin )
{
inet_ntop(AF_INET,&c->remoteIP,remoteIPbuf,BUFLEN);
if(sourceIsLocal)
{
if((oldstate==REMOTECLOSE)||(oldstate==TIMEWAIT))
c->state=TIMEWAIT; // if remote previously init'd the close, then go to the timewait state
// this could also be an outgoing FIN|ACK probe
else
c->state=CLOSED; // else, just shut everything down
sidecarlog(LOGDEBUG,"Closing connection %d by Local FIN sent to %s:%d: new state %s oldstate %s\n",
c->id,remoteIPbuf,c->rport,connection_statestr[c->state],
connection_statestr[oldstate]);
}
else
{ // we have short cutted CLOSED connections, so we only end up here if remote init'ed close
assert(c->state!=CLOSED);
c->state=REMOTECLOSE;
sidecarlog(LOGDEBUG,"Received remote FIN from %s:%d: con id %d : new state %s oldstate %s\n",
remoteIPbuf,c->rport,c->id,connection_statestr[c->state],
connection_statestr[oldstate]);
}
return (c->state!=oldstate); // if the state changed, return 1, else 0
}
// State transitions for all non-RST/FIN packets
switch(c->state)
{
case SYNSENT:
if(tcp->syn && tcp->ack)
c->state=SYNACKSENT;
if(!tcp->syn && tcp->ack) // must have missed the SYN|ACK and ACK
c->state=CONNECTED;
break;
case SYNACKSENT:
if(!tcp->syn && tcp->ack)
c->state=CONNECTED;
break;
case REMOTECLOSE: // remote close is a half close from the remote
// we can still send data, so do same as CONNECTED
case CONNECTED:
// FIN and RST have already been handled, just record outgoing data
break;
case TIMEWAIT:
// we don't need to update anything else when in timewait
break;
case CLOSED:
// should never get here, we short cutted CLOSED connections
abort();
break;
default:
inet_ntop(AF_INET,&c->remoteIP,remoteIPbuf,BUFLEN);
sidecarlog(LOGCRIT,"ABORT: unknown state %d for %s:%d\n",
c->state,remoteIPbuf,c->rport);
abort();
};
inet_ntop(AF_INET,&c->remoteIP,remoteIPbuf,BUFLEN);
if(c->state!=oldstate)
{
sidecarlog(LOGDEBUG,"update for %s:%d new state %s\n",remoteIPbuf,c->rport,connection_statestr[c->state]);
} else
{
sidecarlog(LOGDEBUG,"update for %s:%u -- %u:%u\n",remoteIPbuf,c->rport,c->lSeq,c->rSeq);
}
return c->state!=oldstate;
}
/*******************************************************************
* int connection_free(struct tapcontext *, connection *);
* decr reference count
* if zero, remove from hashlist, free mem
*/
int connection_free(tapcontext * ctx, connection *c)
{
unsigned short hash;
connection * parent,*tmp;
char remoteIPbuf[BUFLEN];
void (*fun)(void *);
void *arg;
struct timestamp_bucket *tsb,*tmptsb;
assert(c);
assert(ctx);
assert(c->magic==CONMAGIC);
c->refcount--;
sidecarlog(LOGDEBUG2," connection id %d free: new refcount %d\n",c->id,c->refcount);
if(c->refcount>0) // the bell does not toll for this one...
return 0;
// needs to be removed
if(c->closedconnectionCallback) // this should be a redundant closeCB()
{
sidecarlog(LOGDEBUG," calling closedconnectionCallback\n");
c->closedconnectionCallback(c); // this should free c->appData
sidecarlog(LOGDEBUG," return from closedconnectionCallback\n");
c->closedconnectionCallback=NULL;
}
hash = mkhash(c->remoteIP,c->rport);
parent=NULL;
#ifdef REENTRANT
pthread_mutex_lock(ctx->lock);
#endif
tmp = ctx->connections[hash];
while(tmp!=NULL)
{
if((tmp->remoteIP==c->remoteIP)&&(tmp->rport==c->rport))
break;
parent=tmp;
tmp=tmp->next;
}
if(tmp==NULL)
{
#ifdef REENTRANT
pthread_mutex_unlock(ctx->lock);
#endif
inet_ntop(AF_INET,&c->remoteIP,remoteIPbuf,BUFLEN);
sidecarlog(LOGCRIT,"ABORT: tried to delete non-existant connection %s:%d in state %s\n",
remoteIPbuf,c->rport,connection_statestr[c->state]);
abort();
}
// remove from hash bucket
if(parent!=NULL)
parent->next=c->next;
else
ctx->connections[hash]=c->next;
#ifdef REENTRANT
pthread_mutex_unlock(ctx->lock);
free(c->lock);
#endif
// remove from iterative connections list
if(c->connext) // if we have someone after us
{
if(c->conprev) // if there is someone before us
{
c->conprev->connext=c->connext;
c->connext->conprev=c->conprev;
}
else
{
SidecarCtx->conhead=c->connext;
c->connext->conprev=NULL;
}
}
else
{ // we are at the end
if(c->conprev) // if there is someone before us
c->conprev->connext=NULL;
else
SidecarCtx->conhead=NULL; // we really are the last one
}
if(c->idletimerId)
wc_event_remove(SidecarCtx->timers,c->idletimerId,&fun,&arg);
/* should be replaced with a deep free, or left to that which stored
the app data to disard -nspring
- capveg: commented out all together: the application should
handle this in the closeconnectionCallback() and the
free() here will most likely result in a double free()
with corruption
if(c->appData)
free(c->appData);
*/
probe_cache_flush(c);
tsb=c->tsb_head;
while(tsb)
{
tmptsb=tsb;
tsb=tsb->next;
free(tmptsb);
}
SidecarCtx->nOpenConnections--;
free(c->oldData);
free(c);
return 0;
}
/************************************************************************************
* int connection_get_id(struct connection*);
* return c->id; unique connection identifier;
* in practice it's just a counter, but should be okay
*/
int connection_get_id(struct connection* con)
{
assert(con);
assert(con->magic==CONMAGIC);
return con->id;
}
/************************************************************************************
* int connection_get_name(struct connection*, char * name, int * namelen);
* return "sip:sport-dip:dport" string based on the connection
*/
int connection_get_name(struct connection* con, char * name, int * namelen)
{
int len;
char buf[BUFLEN];
char src[BUFLEN];
assert(con);
assert(con->magic==CONMAGIC);
inet_ntop(AF_INET,&con->remoteIP,buf,BUFLEN);
inet_ntop(AF_INET,&SidecarCtx->localIP,src,BUFLEN);
len=snprintf(name,*namelen,"%s:%u-%s:%u",src,con->lport,buf,con->rport);
name[*namelen-1]=0; // force a NULL if snprintf was short
*namelen=len;
return len;
}
/**********************************************************************************
* struct packet * connection_make_packet(struct connection *);
* Given a connection, create an zero-data packet with the current
* sequence/ack numbers and ip/port info for the given connection
* from the local host to the remote host; don't fill in checksum, as that
* will happen on send
*/
struct packet * connection_make_packet(struct connection * con)
{
struct tcphdr tcp;
struct iphdr ip;
packet * p;
assert(con->magic==CONMAGIC);
p = packet_create();
memset(&ip,0,sizeof(ip));
memset(&tcp,0,sizeof(tcp));
// fill in ip header
ip.ihl=5;
ip.version=4;
ip.tos=0;
ip.id= IP_ID_COUNTER++;
ip.frag_off=htons(0x4000); // don't fragment, network byte order
ip.ttl= SidecarCtx->ttl;
ip.protocol=IPPROTO_TCP;
ip.check = 0;
ip.saddr = SidecarCtx->localIP;
ip.daddr = con->remoteIP;
packet_set_ip_header(p,&ip);
// fill in tcp header
tcp.source = htons(con->lport);
tcp.dest = htons(con->rport);
tcp.doff=5;
tcp.ack=1;
tcp.seq = htonl(con->lSeq);
tcp.ack_seq = htonl(con->rSeq);
tcp.window = htons(con->lWindow);
packet_set_tcp_header(p,&tcp);
return p;
}
/*********************************************************************************
* void * connection_set_app_data(struct connection *,void *data );
* set the application specific data pointer to data
* return the old value
*/
void * connection_set_app_data(struct connection * con,void *data )
{
void * old;
assert(con);
assert(con->magic==CONMAGIC);
old = con->appData;
con->appData=data;
return old;
}
/*****************************************************************************
* void * connection_get_app_data(struct connection *);
* return application specific data
*/
void * connection_get_app_data(struct connection * con)
{
assert(con);
assert(con->magic==CONMAGIC);
return con->appData;
}
/***************************************************************************
* int update_old_data(struct connection * con, struct iphdr *ip, struct tcphdr *tcp);
* cache the connection level data into a circular buffer con->oldData
*/
int update_old_data(struct connection * con, struct iphdr *ip,struct tcphdr *tcp)
{
char * data;
int datalen;
int i;
assert(con);
assert(con->magic==CONMAGIC);
datalen = ntohs(ip->tot_len) - (ip->ihl+tcp->doff)*4;
if(datalen==0)
return 0;
if(datalen<con->oldDataMax)
{
sidecarlog(LOGDEBUG," update_old_data:: got datalen=%d oldDataMax=%d\n",
datalen,con->oldDataMax);
assert(datalen<con->oldDataMax); // we made the buf two packets, should be easy
}
assert(datalen>0);
data = ((char*)tcp)+tcp->doff*4;
i = MIN(datalen+con->oldDataIndex,con->oldDataMax);
memcpy(&con->oldData[con->oldDataIndex],data,i-con->oldDataIndex); // copy until end
if(i<datalen) // did we wrap in the circular buffer?
{
con->oldDataFull=1;
memcpy(con->oldData,&data[i],datalen-i-con->oldDataIndex); // copy rest to beginnig
}
con->oldDataIndex=(con->oldDataIndex+datalen)%con->oldDataMax;
return datalen;
}
/*************************************************************************
* unsigned int connection_get_remote_ip(struct connection *);
* accessor func
*/
unsigned int connection_get_remote_ip(struct connection * con)
{
assert(con);
assert(con->magic==CONMAGIC);
return con->remoteIP;
}
/**********************************************************************************
* int connection_process_out_timestamp(struct connection *con, u32 value, struct timeval now);
* save the outgoing timestamp value in a tsb so that it can be later correlated
* when that value is returned
* save it at the end of a doubly linked list
*/
int connection_process_out_timestamp(struct connection *con, u32 value, struct timeval now)
{
struct timestamp_bucket *tsb;
if(value<=con->mostRecentTimestamp)
return 0; // we have already recv'ed a response for stuff after this
// value, ignore
tsb = malloc_and_test(sizeof(struct timestamp_bucket));
assert(tsb!=NULL);
tsb->value=value;
tsb->sentTime=now;
tsb->prev = con->tsb_tail;
tsb->next=NULL;
sidecarlog(LOGDEBUG_TS," con id %d :: saving timestamp %lu at time %ld.%.6ld\n",
con->id,(u32)ntohl(value),now.tv_sec,now.tv_usec);
// add to end of list
if(con->tsb_tail)
{
con->tsb_tail->next=tsb;
con->tsb_tail=tsb;
} else
{ // the list has no tail (should be empty)
assert(con->tsb_head==NULL);
con->tsb_head=con->tsb_tail=tsb;
}
return 0;
}
/************************************************************************************
* int connection_process_in_timestamp(struct connection *con, u32 echo, struct timeval now);
* extract the timestamp matching 'echo' from the connections timestamp list,
* diff the times, and add it to the RTT estimator
*
* also- drop everything from the queue that happened *before* echo, b/c
* they are unlikely tobe echo'ed back -- only if there is reordering or
* if the receiver is broken
*/
int connection_process_in_timestamp(struct connection *con, u32 echo, struct timeval now)
{
struct timestamp_bucket *tsb,*tmp;
struct timeval diff;
long rtt_est;
long err;
int dels=0;
if(echo<=con->mostRecentTimestamp)
return 0; // we have already recv'ed a response for this echo
// (or after it), ignore
/* nspring sayz: for(tsb=con->tsb_head; tsb != NULL && tsb->value==echo; tsb=tsb->next); */
tsb = con->tsb_head;
while(tsb)
{
if(tsb->value == echo)
break;
else
tsb=tsb->next;
}
if(tsb==NULL)
{
sidecarlog(LOGDEBUG_TS,"con id %d :: connection_process_in_timestamp:: didn't find timestamp %lu\n",
con->id,echo);
return 1; // signal not found
}
// delete stuff before it; these will not get ACK'ed
while(tsb->prev)
{
tmp=tsb->prev;
tsb->prev=tmp->prev;
free(tmp);
dels++;
}
con->tsb_head = tsb->next; // going to free this one as well
// diff = diff_time(now,tsb->sentTime);
timersub(&now, &tsb->sentTime, &diff);
rtt_est = diff.tv_sec*1000000 + diff.tv_usec;
// TCP/IP Illustrated Vol 1, p 300; VJCC '88
err = rtt_est - con->rtt;
con->rtt +=(err>>3);
con->mdevrtt+= (labs(err)-con->mdevrtt)>>2; // labs() == abs() for longs, who knew?
if(con->tsb_head)
con->tsb_head->prev=NULL; // skip current tsb
else
{
con->tsb_head=con->tsb_tail=NULL; // nothing left in list
}
con->rtt_estimates++;
sidecarlog(LOGDEBUG_TS," con id %d :: recv timestamp %lu at time %ld.%.6ld: %d"
" dels est = %ld : new rtt %ld mdev %ld count=%ld\n",
con->id,(u32)ntohl(echo),now.tv_sec,now.tv_usec, dels,
rtt_est,con->rtt, con->mdevrtt,con->rtt_estimates);
con->mostRecentTimestamp=echo; // update the "mostRecent" cache
free(tsb);
return 0;
}
/***********************************************************************************
* int connection_get_rtt_estimate(struct connection, long * avg, long *mdev, long * count);
* just return the values from the connection struct
*/
int connection_get_rtt_estimate(struct connection * con, long * avg, long *mdev, long * count)
{
assert(con);
*avg=con->rtt;
*mdev=con->mdevrtt;
*count=con->rtt_estimates;
return 0;
}
/***********************************************************************************
* int connection_is_idle(struct connection *con):
* return 1 if the remote host has acknowledged all of the outstanding data
* 0 otherwise
*
* FIXME: PAWS
*/
int connection_is_idle(struct connection *con)
{
assert(con);
if(con->ackrecved>=con->lSeq)
return 1;
else
return 0;
}
/*****************************************************************************
* int connection_get_remote_ttl(struct connection *);
* return con->remoteTTL
* this value could be -1, meaning it's not initialized
*/
int connection_get_remote_ttl(struct connection * con)
{
assert(con);
assert(con->magic==CONMAGIC);
return con->remoteTTL;
}
/***************************************************************************
* int connection_count_old_data(struct connection * con)
* return the amount of cached old data that is available
*/
int connection_count_old_data(struct connection * con)
{
if(con->oldDataFull)
return con->oldDataMax;
else
return con->oldDataIndex;
}
/***************************************************************************
* int probe_add(struct connection *, u16 probe_id, void * data);
* add this probe to the probe tracking stuff so we can look it up later
*/
int probe_add(struct connection * con, u16 probe_id, const void * data)
{
probedata * pd;
int i = ((probe_id&0xff00)>>8)^(probe_id&0x00ff); // fold the bytes on to each other
pd = malloc_and_test(sizeof(probedata));
assert(pd!=NULL);
pd->id=probe_id;
pd->data=data;
pd->next = con->probeTracking[i];
con->probeTracking[i] = pd;
return 0;
}