1 /*
2  *  OpenVPN -- An application to securely tunnel IP networks
3  *             over a single TCP/UDP port, with support for SSL/TLS-based
4  *             session authentication and key exchange,
5  *             packet encryption, packet authentication, and
6  *             packet compression.
7  *
8  *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License version 2
12  *  as published by the Free Software Foundation.
13  *
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *
19  *  You should have received a copy of the GNU General Public License along
20  *  with this program; if not, write to the Free Software Foundation, Inc.,
21  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 #ifdef HAVE_CONFIG_H
25 #include "config.h"
26 #elif defined(_MSC_VER)
27 #include "config-msvc.h"
28 #endif
29 
30 #include "syshead.h"
31 
32 #include "ping.h"
33 
34 #include "memdbg.h"
35 
36 
/*
 * Marker bytes that identify an OpenVPN ping packet.
 *
 * The value has to be long and random-looking enough that ordinary
 * tunnel payload is not mistaken for a ping.  It is a fixed constant
 * compiled into the program, so it only labels a packet as a ping; it
 * is not a secret and does not authenticate anything.
 *
 * PING_STRING_SIZE must stay equal to sizeof(ping_string).
 */
const uint8_t ping_string[] = {
    0x2a, 0x18, 0x7b, 0xf3,
    0x64, 0x1e, 0xb4, 0xcb,
    0x07, 0xed, 0x2d, 0x0a,
    0x98, 0x1f, 0xc7, 0x48
};
48 
/*
 * Record the signal configured for an inactivity timeout.
 *
 * Looks at c->options.ping_rec_timeout_action, logs the timeout at
 * M_INFO and stores the matching signal number and signal text in
 * c->sig.  Only PING_EXIT and PING_RESTART are handled; any other
 * value trips the assertion in the final branch.
 */
void
trigger_ping_timeout_signal(struct context *c)
{
    /* Scratch arena passed to format_common_name(); freed before returning. */
    struct gc_arena gc = gc_new();
    const int action = c->options.ping_rec_timeout_action;

    if (action == PING_EXIT)
    {
        msg(M_INFO, "%sInactivity timeout (--ping-exit), exiting",
            format_common_name(c, &gc));
        c->sig->signal_received = SIGTERM;
        c->sig->signal_text = "ping-exit";
    }
    else if (action == PING_RESTART)
    {
        msg(M_INFO, "%sInactivity timeout (--ping-restart), restarting",
            format_common_name(c, &gc));
        /* SOFT-SIGUSR1 -- Ping Restart */
        c->sig->signal_received = SIGUSR1;
        c->sig->signal_text = "ping-restart";
    }
    else
    {
        /* No other timeout action is expected here. */
        ASSERT(0);
    }

    gc_free(&gc);
}
74 
/*
 * Build an outgoing ping packet.
 *
 * Points c->c2.buf at the auxiliary buffer, writes ping_string into it
 * and hands it to encrypt_sign() like any other outgoing packet.  The
 * decision whether a ping is due is not made here; presumably the
 * caller has already checked that.
 *
 * NOTE(review): the buffer calls sit inside ASSERT(), so they only run
 * if ASSERT always evaluates its argument -- confirm against the ASSERT
 * definition before building with assertions disabled.
 */
void
check_ping_send_dowork(struct context *c)
{
    struct buffer *pkt = &c->c2.buf;

    /* Start from the auxiliary buffer, leaving headroom in front. */
    *pkt = c->c2.buffers->aux_buf;
    ASSERT(buf_init(pkt, FRAME_HEADROOM(&c->c2.frame)));
    ASSERT(buf_safe(pkt, MAX_RW_SIZE_TUN(&c->c2.frame)));

    /* The payload is the fixed ping marker and nothing else. */
    ASSERT(buf_write(pkt, ping_string, sizeof ping_string));

    /*
     * The ping goes through the same encrypt/sign path as every other
     * outgoing packet.
     */
    encrypt_sign(c, true);

    /* Zero the length so the ping is not counted as activity. */
    pkt->len = 0;
    dmsg(D_PING, "SENT PING");
}
95