mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-11-27 19:53:51 +08:00
d7fa38f2a9
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@4477 e7ae566f-a301-0410-adde-c780ea21d3b5
276 lines
5.9 KiB
C
276 lines
5.9 KiB
C
/*
|
|
* OpenVPN -- An application to securely tunnel IP networks
|
|
* over a single TCP/UDP port, with support for SSL/TLS-based
|
|
* session authentication and key exchange,
|
|
* packet encryption, packet authentication, and
|
|
* packet compression.
|
|
*
|
|
* Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program (see the file COPYING included with this
|
|
* distribution); if not, write to the Free Software Foundation, Inc.,
|
|
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
|
|
#include "syshead.h"
|
|
|
|
#include "otime.h"
|
|
|
|
#include "memdbg.h"
|
|
|
|
time_t now = 0; /* GLOBAL */
|
|
|
|
#if TIME_BACKTRACK_PROTECTION && defined(HAVE_GETTIMEOFDAY)
|
|
|
|
static time_t now_adj = 0; /* GLOBAL */
|
|
time_t now_usec = 0; /* GLOBAL */
|
|
|
|
/*
|
|
* Try to filter out time instability caused by the system
|
|
* clock backtracking or jumping forward.
|
|
*/
|
|
|
|
void
|
|
update_now (const time_t system_time)
|
|
{
|
|
const int forward_threshold = 86400; /* threshold at which to dampen forward jumps */
|
|
const int backward_trigger = 10; /* backward jump must be >= this many seconds before we adjust */
|
|
time_t real_time = system_time + now_adj;
|
|
|
|
if (real_time > now)
|
|
{
|
|
const time_t overshoot = real_time - now - 1;
|
|
if (overshoot > forward_threshold && now_adj >= overshoot)
|
|
{
|
|
now_adj -= overshoot;
|
|
real_time -= overshoot;
|
|
}
|
|
now = real_time;
|
|
}
|
|
else if (real_time < now - backward_trigger)
|
|
now_adj += (now - real_time);
|
|
}
|
|
|
|
void
|
|
update_now_usec (struct timeval *tv)
|
|
{
|
|
const time_t last = now;
|
|
update_now (tv->tv_sec);
|
|
if (now > last || (now == last && tv->tv_usec > now_usec))
|
|
now_usec = tv->tv_usec;
|
|
}
|
|
|
|
#endif /* TIME_BACKTRACK_PROTECTION && defined(HAVE_GETTIMEOFDAY) */
|
|
|
|
/*
|
|
* Return a numerical string describing a struct timeval.
|
|
*/
|
|
const char *
|
|
tv_string (const struct timeval *tv, struct gc_arena *gc)
|
|
{
|
|
struct buffer out = alloc_buf_gc (64, gc);
|
|
buf_printf (&out, "[%d/%d]",
|
|
(int) tv->tv_sec,
|
|
(int )tv->tv_usec);
|
|
return BSTR (&out);
|
|
}
|
|
|
|
/*
|
|
* Return an ascii string describing an absolute
|
|
* date/time in a struct timeval.
|
|
*
|
|
*/
|
|
const char *
|
|
tv_string_abs (const struct timeval *tv, struct gc_arena *gc)
|
|
{
|
|
return time_string ((time_t) tv->tv_sec,
|
|
(int) tv->tv_usec,
|
|
true,
|
|
gc);
|
|
}
|
|
|
|
/* format a time_t as ascii, or use current time if 0 */
|
|
|
|
const char *
|
|
time_string (time_t t, int usec, bool show_usec, struct gc_arena *gc)
|
|
{
|
|
struct buffer out = alloc_buf_gc (64, gc);
|
|
struct timeval tv;
|
|
|
|
if (t)
|
|
{
|
|
tv.tv_sec = t;
|
|
tv.tv_usec = usec;
|
|
}
|
|
else
|
|
{
|
|
#ifdef HAVE_GETTIMEOFDAY
|
|
if (gettimeofday (&tv, NULL))
|
|
#endif
|
|
{
|
|
tv.tv_sec = time (NULL);
|
|
tv.tv_usec = 0;
|
|
}
|
|
}
|
|
|
|
mutex_lock_static (L_CTIME);
|
|
t = tv.tv_sec;
|
|
buf_printf (&out, "%s", ctime(&t));
|
|
mutex_unlock_static (L_CTIME);
|
|
buf_rmtail (&out, '\n');
|
|
|
|
if (show_usec && tv.tv_usec)
|
|
buf_printf (&out, " us=%d", (int)tv.tv_usec);
|
|
|
|
return BSTR (&out);
|
|
}
|
|
|
|
/*
|
|
* Limit the frequency of an event stream.
|
|
*
|
|
* Used to control maximum rate of new
|
|
* incoming connections.
|
|
*/
|
|
|
|
struct frequency_limit *
|
|
frequency_limit_init (int max, int per)
|
|
{
|
|
struct frequency_limit *f;
|
|
|
|
ASSERT (max >= 0 && per >= 0);
|
|
|
|
ALLOC_OBJ (f, struct frequency_limit);
|
|
f->max = max;
|
|
f->per = per;
|
|
f->n = 0;
|
|
f->reset = 0;
|
|
return f;
|
|
}
|
|
|
|
void
|
|
frequency_limit_free (struct frequency_limit *f)
|
|
{
|
|
free (f);
|
|
}
|
|
|
|
bool
|
|
frequency_limit_event_allowed (struct frequency_limit *f)
|
|
{
|
|
if (f->per)
|
|
{
|
|
bool ret;
|
|
if (now >= f->reset + f->per)
|
|
{
|
|
f->reset = now;
|
|
f->n = 0;
|
|
}
|
|
ret = (++f->n <= f->max);
|
|
return ret;
|
|
}
|
|
else
|
|
return true;
|
|
}
|
|
|
|
#ifdef WIN32
|
|
|
|
static time_t gtc_base = 0;
|
|
static DWORD gtc_last = 0;
|
|
static time_t last_sec = 0;
|
|
static unsigned int last_msec = 0;
|
|
static bool bt_last = false;
|
|
|
|
static void
|
|
gettimeofday_calibrate (void)
|
|
{
|
|
const time_t t = time(NULL);
|
|
const DWORD gtc = GetTickCount();
|
|
gtc_base = t - gtc/1000;
|
|
gtc_last = gtc;
|
|
}
|
|
|
|
/*
|
|
* Rewritten by JY for OpenVPN 2.1, after I realized that
|
|
* QueryPerformanceCounter takes nearly 2 orders of magnitude
|
|
* more processor cycles than GetTickCount.
|
|
*/
|
|
int
|
|
gettimeofday (struct timeval *tv, void *tz)
|
|
{
|
|
const DWORD gtc = GetTickCount();
|
|
bool bt = false;
|
|
time_t sec;
|
|
unsigned int msec;
|
|
const int backtrack_hold_seconds = 10;
|
|
|
|
/* recalibrate at the dreaded 49.7 day mark */
|
|
if (!gtc_base || gtc < gtc_last)
|
|
gettimeofday_calibrate ();
|
|
gtc_last = gtc;
|
|
|
|
sec = gtc_base + gtc / 1000;
|
|
msec = gtc % 1000;
|
|
|
|
if (sec == last_sec)
|
|
{
|
|
if (msec < last_msec)
|
|
{
|
|
msec = last_msec;
|
|
bt = true;
|
|
}
|
|
}
|
|
else if (sec < last_sec)
|
|
{
|
|
/* We try to dampen out backtracks of less than backtrack_hold_seconds.
|
|
Larger backtracks will be passed through and dealt with by the
|
|
TIME_BACKTRACK_PROTECTION code (if enabled) */
|
|
if (sec > last_sec - backtrack_hold_seconds)
|
|
{
|
|
sec = last_sec;
|
|
msec = last_msec;
|
|
}
|
|
bt = true;
|
|
}
|
|
|
|
tv->tv_sec = last_sec = sec;
|
|
tv->tv_usec = (last_msec = msec) * 1000;
|
|
|
|
if (bt && !bt_last)
|
|
gettimeofday_calibrate ();
|
|
bt_last = bt;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#endif /* WIN32 */
|
|
|
|
#ifdef TIME_TEST
|
|
void
|
|
time_test (void)
|
|
{
|
|
struct timeval tv;
|
|
time_t t;
|
|
int i;
|
|
for (i = 0; i < 10000; ++i)
|
|
{
|
|
t = time(NULL);
|
|
gettimeofday (&tv, NULL);
|
|
#if 1
|
|
msg (M_INFO, "t=%u s=%u us=%u",
|
|
(unsigned int)t,
|
|
(unsigned int)tv.tv_sec,
|
|
(unsigned int)tv.tv_usec);
|
|
#endif
|
|
}
|
|
}
|
|
#endif
|