openvpn/ping_8c_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single TCP/UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, see <https://www.gnu.org/licenses/>.

 */


#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include "syshead.h"


#include "ping.h"


#include "memdbg.h"


/*

 * This random string identifies an OpenVPN ping packet.

 * It should be of sufficient length and randomness

 * so as not to collide with other tunnel data.

 *

 * PING_STRING_SIZE must be sizeof (ping_string)

 */


const uint8_t ping_string[] = { 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb,

                                0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 };


void


trigger_ping_timeout_signal(struct context *c)

{

    struct gc_arena gc = gc_new();

    switch (c->options.ping_rec_timeout_action)

    {

        case PING_EXIT:

            msg(M_INFO, "%sInactivity timeout (--ping-exit), exiting", format_common_name(c, &gc));

            register_signal(c->sig, SIGTERM, "ping-exit");

            break;


        case PING_RESTART:

            msg(M_INFO, "%sInactivity timeout (--ping-restart), restarting",

                format_common_name(c, &gc));

            register_signal(c->sig, SIGUSR1, "ping-restart");

            break;


        default:

            ASSERT(0);

    }

    gc_free(&gc);

}


/*

 * Should we ping the remote?

 */

void


check_ping_send_dowork(struct context *c)

{

    c->c2.buf = c->c2.buffers->aux_buf;

    ASSERT(buf_init(&c->c2.buf, c->c2.frame.buf.headroom));

    ASSERT(buf_safe(&c->c2.buf, c->c2.frame.buf.payload_size));

    ASSERT(buf_write(&c->c2.buf, ping_string, sizeof(ping_string)));


    /*

     * We will treat the ping like any other outgoing packet,

     * encrypt, sign, etc.

     */

    encrypt_sign(c, true);

    /* Set length to 0, so it won't be counted as activity */

    c->c2.buf.len = 0;

    dmsg(D_PING, "SENT PING");

}


buf_safe
static bool buf_safe(const struct buffer *buf, size_t len)
Definition buffer.h:518

buf_write
static bool buf_write(struct buffer *dest, const void *src, size_t size)
Definition buffer.h:660

gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1015

buf_init
#define buf_init(buf, offset)
Definition buffer.h:209

gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1007

D_PING
#define D_PING
Definition errlevel.h:143

M_INFO
#define M_INFO
Definition errlevel.h:54

encrypt_sign
void encrypt_sign(struct context *c, bool comp_frag)
Process a data channel packet that will be sent through a VPN tunnel.
Definition forward.c:614

format_common_name
const char * format_common_name(struct context *c, struct gc_arena *gc)
Definition init.c:1281

memdbg.h

dmsg
#define dmsg(flags,...)
Definition error.h:170

msg
#define msg(flags,...)
Definition error.h:150

ASSERT
#define ASSERT(x)
Definition error.h:217

PING_RESTART
#define PING_RESTART
Definition options.h:356

PING_EXIT
#define PING_EXIT
Definition options.h:355

ping_string
const uint8_t ping_string[]
Definition ping.c:41

trigger_ping_timeout_signal
void trigger_ping_timeout_signal(struct context *c)
Trigger the correct signal on a –ping timeout depending if –ping-exit is set (SIGTERM) or not (SIGUSR...
Definition ping.c:45

check_ping_send_dowork
void check_ping_send_dowork(struct context *c)
Definition ping.c:71

ping.h

register_signal
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
Definition sig.c:228

buffer::len
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65

context_2::frame
struct frame frame
Definition openvpn.h:248

context_2::buf
struct buffer buf
Definition openvpn.h:375

context_2::buffers
struct context_buffers * buffers
Definition openvpn.h:367

context_buffers::aux_buf
struct buffer aux_buf
Definition openvpn.h:97

context
Contains all state information for one tunnel.
Definition openvpn.h:474

context::sig
struct signal_info * sig
Internal error signaling object.
Definition openvpn.h:503

context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:517

context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475

frame::payload_size
int payload_size
the maximum size that a payload that our buffers can hold from either tun device or network link.
Definition mtu.h:108

frame::headroom
int headroom
the headroom in the buffer, this is choosen to allow all potential header to be added before the pack...
Definition mtu.h:114

frame::buf
struct frame::@8 buf

gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116

options::ping_rec_timeout_action
int ping_rec_timeout_action
Definition options.h:357

syshead.h

gc
struct gc_arena gc
Definition test_ssl.c:131