In preparation for adding re-key support, stop misusing ssl_times.last_rekey.
(This seems to fix a weird frantic mainloop-invoking bug I was running into as 
well.)

Signed-off-by: Daniel Lenski <[email protected]>
---
 gpst.c                 | 19 +++----------------
 mainloop.c             |  2 +-
 openconnect-internal.h |  1 +
 3 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/gpst.c b/gpst.c
index 87cfbc9..0544edb 100644
--- a/gpst.c
+++ b/gpst.c
@@ -615,7 +615,7 @@ static int gpst_connect(struct openconnect_info *vpninfo)
                monitor_fd_new(vpninfo, ssl);
                monitor_read_fd(vpninfo, ssl);
                monitor_except_fd(vpninfo, ssl);
-               vpninfo->ssl_times.last_rekey = vpninfo->ssl_times.last_rx = 
vpninfo->ssl_times.last_tx = time(NULL);
+               vpninfo->ssl_times.last_rx = vpninfo->ssl_times.last_tx = 
time(NULL);
                if (vpninfo->dtls_state != DTLS_DISABLED)
                        vpninfo->dtls_state = DTLS_NOSECRET;
        }
@@ -638,17 +638,6 @@ int gpst_setup(struct openconnect_info *vpninfo)
         */
        if (vpninfo->dtls_state == DTLS_DISABLED || vpninfo->dtls_state == 
DTLS_NOSECRET)
                ret = gpst_connect(vpninfo);
-       else {
-               /* We want to prevent the mainloop timers from frantically
-                * calling the GPST mainloop.
-                */
-               vpninfo->ssl_times.last_rx = vpninfo->ssl_times.last_tx = 
time(NULL);
-
-               /* Using (abusing?) last_rekey as the time when the SSL tunnel
-                * was brought up.
-                */
-               vpninfo->ssl_times.last_rekey = 0;
-       }
 
        return ret;
 }
@@ -673,12 +662,10 @@ int gpst_mainloop(struct openconnect_info *vpninfo, int 
*timeout)
                return 0;
        case DTLS_SECRET:
        case DTLS_SLEEPING:
-               if (time(NULL) < vpninfo->dtls_times.last_rekey + 5) {
+               if (!ka_check_deadline(timeout, time(NULL), 
vpninfo->dtls_times.last_rekey + 5)) {
                        /* Allow 5 seconds after configuration for ESP to start 
*/
-                       if (*timeout > 5000)
-                               *timeout = 5000;
                        return 0;
-               } else if (!vpninfo->ssl_times.last_rekey) {
+               } else {
                        /* ... before we switch to HTTPS instead */
                        vpn_progress(vpninfo, PRG_ERR,
                                     _("Failed to connect ESP tunnel; using 
HTTPS instead.\n"));
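Review bot: With the `!vpninfo->ssl_times.last_rekey` guard gone, the `else` branch of the `DTLS_SECRET`/`DTLS_SLEEPING` case runs the HTTPS fallback on every call made after the 5-second deadline, so it now relies on the rest of that branch (outside this hunk) moving `dtls_state` out of these two states. The gpst_connect() hunk above shows `dtls_state = DTLS_NOSECRET` being set inside a conditional block, so if the fallback connect fails the state may stay unchanged, and the error message and reconnect attempt could repeat on each mainloop pass; this should be confirmed against the full function. I would state the invariant in place, e.g. `/* gpst_connect() leaves dtls_state at DTLS_NOSECRET, so this fallback is not re-entered */`. The grace period is still measured from `dtls_times.last_rekey`, which deserves a comment of its own, since the planned re-key support may start updating that field.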
diff --git a/mainloop.c b/mainloop.c
index 4124509..fe185fe 100644
--- a/mainloop.c
+++ b/mainloop.c
@@ -315,7 +315,7 @@ int openconnect_mainloop(struct openconnect_info *vpninfo,
        return ret < 0 ? ret : -EIO;
 }
 
-static int ka_check_deadline(int *timeout, time_t now, time_t due)
+int ka_check_deadline(int *timeout, time_t now, time_t due)
 {
        if (now >= due)
                return 1;
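Review bot: `ka_check_deadline()` loses `static` here and becomes a cross-file helper with no comment describing its contract, while gpst.c now depends on both its return value and its side effect on `*timeout`. Only `if (now >= due) return 1;` is visible in this hunk (the body continues outside it), so the behaviour before the deadline, presumably shortening `*timeout` to the time remaining, should be documented above the definition, e.g. `/* Returns 1 if 'due' has passed; otherwise returns 0 and lowers *timeout to the time remaining */`. The removed gpst.c lines compared `*timeout` with 5000 for a 5-second window, so it would also help to note that `now` and `due` are in seconds while `*timeout` is in milliseconds.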
diff --git a/openconnect-internal.h b/openconnect-internal.h
index e0a9218..3bb6a77 100644
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -964,6 +964,7 @@ int tun_mainloop(struct openconnect_info *vpninfo, int 
*timeout);
 int queue_new_packet(struct pkt_q *q, void *buf, int len);
 int keepalive_action(struct keepalive_info *ka, int *timeout);
 int ka_stalled_action(struct keepalive_info *ka, int *timeout);
+int ka_check_deadline(int *timeout, time_t now, time_t due);
 
 /* xml.c */
 ssize_t read_file_into_string(struct openconnect_info *vpninfo, const char 
*fname,
-- 
2.7.4

