From fa624ce279a22ac1c395dbf5a146003d8252e3cc Mon Sep 17 00:00:00 2001 From: top master Date: Tue, 27 Mar 2018 10:38:35 +0430 Subject: [PATCH] Revert "ICMP management Fix" This reverts commit 8877e06f04368d632912ecec07a6f69f9ade8b79. --- app/src/main/jni/netguard/icmp.c | 20 +++----------------- app/src/main/jni/netguard/netguard.c | 2 +- app/src/main/jni/netguard/netguard.h | 4 +--- app/src/main/jni/netguard/session.c | 6 +++--- 4 files changed, 8 insertions(+), 24 deletions(-) diff --git a/app/src/main/jni/netguard/icmp.c b/app/src/main/jni/netguard/icmp.c index 5a57d70f..35232cd2 100644 --- a/app/src/main/jni/netguard/icmp.c +++ b/app/src/main/jni/netguard/icmp.c @@ -35,7 +35,7 @@ int check_icmp_session(const struct arguments *args, struct ng_session *s, time_t now = time(NULL); int timeout = get_icmp_timeout(&s->icmp, sessions, maxsessions); - if (s->icmp.stop > 0 || s->icmp.time + timeout < now) { + if (s->icmp.stop || s->icmp.time + timeout < now) { char source[INET6_ADDRSTRLEN + 1]; char dest[INET6_ADDRSTRLEN + 1]; if (s->icmp.version == 4) { @@ -108,12 +108,8 @@ void check_icmp_socket(const struct arguments *args, const struct epoll_event *e // but for some unexplained reason this is not the case // some bits seems to be set extra struct icmp *icmp = (struct icmp *) buffer; - const uint8_t isValid = s->icmp.id == icmp->icmp_id; - if(isValid) { - s->icmp.stop = -1; //mark as answered - } log_android( - isValid ? ANDROID_LOG_INFO : ANDROID_LOG_WARN, + s->icmp.id == icmp->icmp_id ? ANDROID_LOG_INFO : ANDROID_LOG_WARN, "ICMP recv bytes %d from %s for tun type %d code %d id %x/%x seq %d", bytes, dest, icmp->icmp_type, icmp->icmp_code, @@ -177,7 +173,7 @@ jboolean handle_icmp(const struct arguments *args, struct ng_session *cur = args->ctx->ng_session; while (cur != NULL && !((cur->protocol == IPPROTO_ICMP || cur->protocol == IPPROTO_ICMPV6) && - cur->icmp.stop <= 0 && cur->icmp.version == version && + !cur->icmp.stop && cur->icmp.version == version && (version == 4 ? cur->icmp.saddr.ip4 == ip4->saddr && cur->icmp.daddr.ip4 == ip4->daddr : memcmp(&cur->icmp.saddr.ip6, &ip6->ip6_src, 16) == 0 && @@ -186,7 +182,6 @@ jboolean handle_icmp(const struct arguments *args, // Create new session if needed if (cur == NULL) { -posNewSession: log_android(ANDROID_LOG_INFO, "ICMP new session from %s to %s", source, dest); // Register session @@ -213,8 +208,6 @@ posNewSession: // Open UDP socket s->socket = open_icmp_socket(args, &s->icmp); if (s->socket < 0) { - log_android(ANDROID_LOG_WARN, "ICMP open fail: id[%x] socket %d error %d: %s" - , s->icmp.id, s->socket, errno, strerror(errno)); free(s); return 0; } @@ -232,10 +225,6 @@ posNewSession: args->ctx->ng_session = s; cur = s; - } else if(cur->icmp.stop == -1) { //if session is answered reuse that - cur->icmp.id = icmp->icmp_id; - } else { //else force new session - goto posNewSession; } // Modify ID @@ -284,9 +273,6 @@ posNewSession: cur->icmp.stop = 1; return 0; } - } else { - log_android(ANDROID_LOG_VERBOSE, "ICMP sendto id[%x/%x]" - , cur->icmp.id, icmp->icmp_id); } return 1; diff --git a/app/src/main/jni/netguard/netguard.c b/app/src/main/jni/netguard/netguard.c index 3b6de7f7..1a14ce99 100644 --- a/app/src/main/jni/netguard/netguard.c +++ b/app/src/main/jni/netguard/netguard.c @@ -199,7 +199,7 @@ Java_eu_faircode_netguard_ServiceSinkhole_jni_1get_1stats( struct ng_session *s = ctx->ng_session; while (s != NULL) { if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) { - if (s->icmp.stop <= 0) + if (!s->icmp.stop) jcount[0]++; } else if (s->protocol == IPPROTO_UDP) { if (s->udp.state == UDP_ACTIVE) diff --git a/app/src/main/jni/netguard/netguard.h b/app/src/main/jni/netguard/netguard.h index 75144311..dfc8fbcc 100644 --- a/app/src/main/jni/netguard/netguard.h +++ b/app/src/main/jni/netguard/netguard.h @@ -119,7 +119,7 @@ struct icmp_session { uint16_t id; - int8_t stop; //three state: 0:false, 1:true, -1:answered + uint8_t stop; }; #define UDP_ACTIVE 0 @@ -265,7 +265,6 @@ struct dns_header { uint16_t aa :1; // authoritive answer uint16_t opcode :4; // purpose of message uint16_t qr :1; // query/response flag - //next byte (8 bit) uint16_t rcode :4; // response code uint16_t cd :1; // checking disabled uint16_t ad :1; // authenticated data @@ -277,7 +276,6 @@ struct dns_header { uint16_t aa :1; // authoritive answer uint16_t tc :1; // truncated message uint16_t rd :1; // recursion desired - //next byte (8 bit) uint16_t ra :1; // recursion available uint16_t z :1; // its z! reserved uint16_t ad :1; // authenticated data diff --git a/app/src/main/jni/netguard/session.c b/app/src/main/jni/netguard/session.c index 9a4f8503..d3a089bb 100644 --- a/app/src/main/jni/netguard/session.c +++ b/app/src/main/jni/netguard/session.c @@ -99,7 +99,7 @@ void *handle_events(void *a) { struct ng_session *s = args->ctx->ng_session; while (s != NULL) { if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) { - if (s->icmp.stop <= 0) + if (!s->icmp.stop) isessions++; } else if (s->protocol == IPPROTO_UDP) { if (s->udp.state == UDP_ACTIVE) @@ -126,7 +126,7 @@ void *handle_events(void *a) { int del = 0; if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) { del = check_icmp_session(args, s, sessions, maxsessions); - if (s->icmp.stop == 0 && !del) { + if (!s->icmp.stop && !del) { int stimeout = s->icmp.time + get_icmp_timeout(&s->icmp, sessions, maxsessions) - now + 1; if (stimeout > 0 && stimeout < timeout) @@ -282,7 +282,7 @@ void check_allowed(const struct arguments *args) { struct ng_session *s = args->ctx->ng_session; while (s != NULL) { if (s->protocol == IPPROTO_ICMP || s->protocol == IPPROTO_ICMPV6) { - if (s->icmp.stop <= 0) { + if (!s->icmp.stop) { if (s->icmp.version == 4) { inet_ntop(AF_INET, &s->icmp.saddr.ip4, source, sizeof(source)); inet_ntop(AF_INET, &s->icmp.daddr.ip4, dest, sizeof(dest));