Package: vtun Version: 2.6-4 Severity: normal
-- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-1-686 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Versions of packages vtun depends on: ii debconf 1.4.58 Debian configuration management sy ii libc6 2.3.5-6 GNU C Library: Shared libraries an ii liblzo1 1.08-2 data compression library ii libssl0.9.7 0.9.7g-2 SSL shared libraries ii psmisc 21.6-1 Utilities that use the proc filesy ii zlib1g 1:1.2.3-4 compression library - runtime vtun recommends no packages. -- debconf information: * vtun/passwords: diff -ru vtun-2.6-orig/ChangeLog vtun-2.6/ChangeLog --- vtun-2.6-orig/ChangeLog 2003-03-18 15:32:28.000000000 +0300 +++ vtun-2.6/ChangeLog 2005-11-15 23:07:35.000000000 +0300 @@ -1,4 +1,16 @@ - +ver 2.6.1: + Fix bug in link timeout handling for "proto udp; кееpalive yes;" + (Eugene Berdnikov). + Previous concept of "idle" was inactivity on ALL file descriptors. + For the case of uni-directed data flow (ex. bridge "hello" BPDUs on + STP-disabled link, router advertisements or аsymmetric routing), + no checks for backword traffic were performed. Vital for UDP mode. + + Minor fixes in lfd_lzo.c to ensure correct type casting. + + Add description of "keepalive timeout:count;" syntax to man page + and sample vtund.conf. + Future (2.7): SigINT should be heeded (Michael Tokarov) support for connecting ssl to non-ssl vtuns (sslauth option) <[EMAIL PROTECTED]> diff -ru vtun-2.6-orig/lfd_lzo.c vtun-2.6/lfd_lzo.c --- vtun-2.6-orig/lfd_lzo.c 2002-04-25 13:19:50.000000000 +0400 +++ vtun-2.6/lfd_lzo.c 2005-11-12 00:18:28.000000000 +0300 @@ -35,6 +35,7 @@ #ifdef HAVE_LZO +#include "lzoutil.h" #include "lzo1x.h" static lzo_byte *zbuf; 
@@ -53,7 +54,7 @@ int alloc_lzo(struct vtun_host *host) { int zlevel = host->zlevel ? host->zlevel : 1; - int mem; + lzo_uint mem; switch( zlevel ){ case 9: diff -ru vtun-2.6-orig/linkfd.c vtun-2.6/linkfd.c --- vtun-2.6-orig/linkfd.c 2002-12-15 22:23:03.000000000 +0300 +++ vtun-2.6/linkfd.c 2005-11-15 20:29:53.000000000 +0300 @@ -172,19 +172,37 @@ linker_term = VTUN_SIG_HUP; } -/* Statistic dump */ +/* Statistic dump and keep-alive monitor */ +static volatile sig_atomic_t ka_need_verify = 0; +static time_t stat_timer = 0, ka_timer = 0; + void sig_alarm(int sig) { - static time_t tm; + static time_t tm_old, tm = 0; static char stm[20]; - + + tm_old = tm; tm = time(NULL); - strftime(stm, sizeof(stm)-1, "%b %d %H:%M:%S", localtime(&tm)); - fprintf(lfd_host->stat.file,"%s %lu %lu %lu %lu\n", stm, - lfd_host->stat.byte_in, lfd_host->stat.byte_out, - lfd_host->stat.comp_in, lfd_host->stat.comp_out); - - alarm(VTUN_STAT_IVAL); + + if( (lfd_host->flags & VTUN_KEEP_ALIVE) && (ka_timer -= tm-tm_old) <= 0){ + ka_need_verify = 1; + ka_timer = lfd_host->ka_interval + + 1; /* We have to complete select() on idle */ + } + + if( (lfd_host->flags & VTUN_STAT) && (stat_timer -= tm-tm_old) <= 0){ + strftime(stm, sizeof(stm)-1, "%b %d %H:%M:%S", localtime(&tm)); + fprintf(lfd_host->stat.file,"%s %lu %lu %lu %lu\n", stm, + lfd_host->stat.byte_in, lfd_host->stat.byte_out, + lfd_host->stat.comp_in, lfd_host->stat.comp_out); + stat_timer = VTUN_STAT_IVAL; + } + + if ( ka_timer*stat_timer ){ + alarm( (ka_timer < stat_timer) ? ka_timer : stat_timer ); + } else { + alarm( (ka_timer) ? ka_timer : stat_timer ); + } } static void sig_usr1(int sig) 
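Review bot: The statistics branch in sig_alarm() is gated only on `lfd_host->flags & VTUN_STAT`, so it can pass a NULL `stat.file` to fprintf(). The later hunk at -368 removes `alarm(VTUN_STAT_IVAL)` from the fopen-success branch and the timer is now armed before the file is opened, so a failed fopen() no longer keeps the handler from running. Guard the branch on the stream as well: `if( (lfd_host->flags & VTUN_STAT) && lfd_host->stat.file && (stat_timer -= tm-tm_old) <= 0){`. This assumes lfd_host refers to the host structure set up in the init code, which is outside these hunks. Separately, strftime(), localtime() and fprintf() are not async-signal-safe; setting a flag here, as is already done with ka_need_verify, and dumping from the main loop would keep stdio out of the handler.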
@@ -230,26 +248,27 @@ break; else continue; - } - - if( !len ){ - /* We are idle, lets check connection */ - if( lfd_host->flags & VTUN_KEEP_ALIVE ){ - if( ++idle > lfd_host->ka_failure ){ - vtun_syslog(LOG_INFO,"Session %s network timeout", lfd_host->host); - break; - } - /* Send ECHO request */ - if( proto_write(fd1, buf, VTUN_ECHO_REQ) < 0 ) - break; + } + + if( ka_need_verify ){ + if( idle > lfd_host->ka_failure ){ + vtun_syslog(LOG_INFO,"Session %s network timeout", lfd_host->host); + break; + } + /* Send ECHO request */ + if (idle++ > 0) { + if( proto_write(fd1, buf, VTUN_ECHO_REQ) < 0 ){ + vtun_syslog(LOG_ERR,"Failed to send ECHO_REQ"); + break; + } } - continue; + ka_need_verify = 0; } /* Read frames from network(fd1), decode and pass them to * the local device (fd2) */ if( FD_ISSET(fd1, &fdset) && lfd_check_up() ){ - idle = 0; + idle = 0; ka_need_verify = 0; if( (len=proto_read(fd1, buf)) <= 0 ) break; @@ -356,6 +375,15 @@ sa.sa_handler=sig_hup; sigaction(SIGHUP,&sa,&sa_oldhup); + /* Initialize keep-alive timer */ + if( host->flags & VTUN_STAT|VTUN_KEEP_ALIVE ){ + sa.sa_handler=sig_alarm; + sigaction(SIGALRM,&sa,NULL); + + alarm( (host->ka_interval < VTUN_STAT_IVAL) ? + host->ka_interval : VTUN_STAT_IVAL ); + } + /* Initialize statstic dumps */ if( host->flags & VTUN_STAT ){ char file[40]; @@ -368,7 +396,6 @@ sprintf(file,"%s/%.20s", VTUN_STAT_DIR, host->host); if( (host->stat.file=fopen(file, "a")) ){ setvbuf(host->stat.file, NULL, _IOLBF, 0); - alarm(VTUN_STAT_IVAL); } else vtun_syslog(LOG_ERR, "Can't open stats file %s", file); } @@ -377,7 +404,7 @@ lfd_linker(); - if( host->flags & VTUN_STAT ){ + if( host->flags & VTUN_STAT|VTUN_KEEP_ALIVE ){ alarm(0); if (host->stat.file) fclose(host->stat.file); diff -ru vtun-2.6-orig/vtund.conf vtun-2.6/vtund.conf --- vtun-2.6-orig/vtund.conf 2002-12-16 20:20:50.000000000 +0300 +++ vtun-2.6/vtund.conf 2005-11-15 20:54:58.000000000 +0300 
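Review bot: The new `if( ka_need_verify )` block needs a comment saying when it actually runs, because the context lines just above it still end in `continue`, which looks like the select() error path (its condition is outside the hunk). If that path covers EINTR, the SIGALRM that sets the flag sends the loop back to select(), and the check is reached only after a later select() returns normally, which is presumably what the `+ 1` in sig_alarm() accounts for. I would add `/* Set by sig_alarm(); evaluated after the next select() that returns without error. The first tick only counts; ECHO_REQ is sent from the second idle tick on. */` above the block and move `/* Send ECHO request */` inside `if (idle++ > 0)`. The loop starts and ends outside the hunk.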
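Review bot: `host->flags & VTUN_STAT|VTUN_KEEP_ALIVE` does not test either flag: `&` binds tighter than `|`, so it evaluates `(host->flags & VTUN_STAT) | VTUN_KEEP_ALIVE`, which is non-zero whenever VTUN_KEEP_ALIVE is a non-zero constant (its definition is not shown). The SIGALRM handler is then installed for every session; write `if( host->flags & (VTUN_STAT|VTUN_KEEP_ALIVE) ){` here and in the teardown hunk at -377. The initial `alarm()` also takes the smaller of `host->ka_interval` and `VTUN_STAT_IVAL` without checking which feature is enabled. If ka_interval can be 0 for a stat-only host, `alarm(0)` arms nothing and no statistics are written, so the interval should be chosen per flag.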
@@ -98,6 +98,10 @@ # keepalive - Enable 'yes' or disable 'no' connection # keep-alive. Ignored by the client. # +# May be in form 'interval:count', where 'interval' is the +# period of connection checks, and 'count' is the maximum +# number of retries. Indeed 'yes' = '30:4'. +# # ----------- # timeout - Connect timeout. # diff -ru vtun-2.6-orig/vtund.conf.5 vtun-2.6/vtund.conf.5 --- vtun-2.6-orig/vtund.conf.5 2003-03-18 15:32:28.000000000 +0300 +++ vtun-2.6/vtund.conf.5 2005-11-15 20:48:57.000000000 +0300 @@ -149,8 +149,10 @@ This option ignored by the client. .IP \fBencrypt\ \fByes\fR|\fBno\fR enable or disable encryption. This option ignored by the client. -.IP \fBkeepalive\ \fByes\fR|\fBno\fR -enable or disable connection keep-alive. +.IP \fBkeepalive\ \fByes\fR|\fBno\fR|\fIinterval\fB:\fIcount\fR +enable or disable connection keep-alive. Time \fIinterval\fR is a period +between connection checks, in seconds, and \fIcount\fR is the maximum number +of retries (\fByes\fR = \fI30\fB:\fI4\fR). This option is ignored by the client. .IP \fBstat\ \fByes\fR|\fBno\fR enable or disable statistics. If enabled \fBvtund\fR(8) will log -- Eugene Berdnikov