1 /*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 */
23
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #elif defined(_MSC_VER)
27 #include "config-msvc.h"
28 #endif
29
30 #include "syshead.h"
31
32 #include "ping.h"
33
34 #include "memdbg.h"
35
36
37 /*
38 * This random string identifies an OpenVPN ping packet.
39 * It should be of sufficient length and randomness
40 * so as not to collide with other tunnel data.
41 *
42 * PING_STRING_SIZE must be sizeof (ping_string)
43 */
44 const uint8_t ping_string[] = {
45 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb,
46 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48
47 };
48
49 void
trigger_ping_timeout_signal(struct context * c)50 trigger_ping_timeout_signal(struct context *c)
51 {
52 struct gc_arena gc = gc_new();
53 switch (c->options.ping_rec_timeout_action)
54 {
55 case PING_EXIT:
56 msg(M_INFO, "%sInactivity timeout (--ping-exit), exiting",
57 format_common_name(c, &gc));
58 c->sig->signal_received = SIGTERM;
59 c->sig->signal_text = "ping-exit";
60 break;
61
62 case PING_RESTART:
63 msg(M_INFO, "%sInactivity timeout (--ping-restart), restarting",
64 format_common_name(c, &gc));
65 c->sig->signal_received = SIGUSR1; /* SOFT-SIGUSR1 -- Ping Restart */
66 c->sig->signal_text = "ping-restart";
67 break;
68
69 default:
70 ASSERT(0);
71 }
72 gc_free(&gc);
73 }
74
75 /*
76 * Should we ping the remote?
77 */
78 void
check_ping_send_dowork(struct context * c)79 check_ping_send_dowork(struct context *c)
80 {
81 c->c2.buf = c->c2.buffers->aux_buf;
82 ASSERT(buf_init(&c->c2.buf, FRAME_HEADROOM(&c->c2.frame)));
83 ASSERT(buf_safe(&c->c2.buf, MAX_RW_SIZE_TUN(&c->c2.frame)));
84 ASSERT(buf_write(&c->c2.buf, ping_string, sizeof(ping_string)));
85
86 /*
87 * We will treat the ping like any other outgoing packet,
88 * encrypt, sign, etc.
89 */
90 encrypt_sign(c, true);
91 /* Set length to 0, so it won't be counted as activity */
92 c->c2.buf.len = 0;
93 dmsg(D_PING, "SENT PING");
94 }
95