uint64_t renegotiate_key_time; /* When we can negotiate a new key */
transport_peers peers; /* Current address(es) of peer for data traffic */
uint64_t renegotiate_key_time; /* When we can negotiate a new key */
transport_peers peers; /* Current address(es) of peer for data traffic */
/* Keep a copy so we can try decrypting it with multiple keys */
buffer_copy(&st->scratch, msg0);
/* Keep a copy so we can try decrypting it with multiple keys */
buffer_copy(&st->scratch, msg0);
st->renegotiate_key_time=st->now+st->key_renegotiate_time;
transport_peers_copy(st,&st->peers,&st->setup_peers);
st->renegotiate_key_time=st->now+st->key_renegotiate_time;
transport_peers_copy(st,&st->peers,&st->setup_peers);
if (current_valid(st)) {
slog(st,loglevel,"session closed (%s)",reason);
if (current_valid(st)) {
slog(st,loglevel,"session closed (%s)",reason);
buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
buf_append_uint32(&st->buffer,LABEL_MSG7);
buf_append_string(&st->buffer,reason);
buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
buf_append_uint32(&st->buffer,LABEL_MSG7);
buf_append_string(&st->buffer,reason);
&st->buffer, &transform_err);
buf_prepend_uint32(&st->buffer,LABEL_MSG0);
buf_prepend_uint32(&st->buffer,st->index);
&st->buffer, &transform_err);
buf_prepend_uint32(&st->buffer,LABEL_MSG0);
buf_prepend_uint32(&st->buffer,st->index);
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
return True;
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
return True;
/* Transform it and send it */
if (buf->size>0) {
buf_prepend_uint32(buf,LABEL_MSG9);
/* Transform it and send it */
if (buf->size>0) {
buf_prepend_uint32(buf,LABEL_MSG9);
buf, &transform_err);
buf_prepend_uint32(buf,LABEL_MSG0);
buf_prepend_uint32(buf,st->index);
buf, &transform_err);
buf_prepend_uint32(buf,LABEL_MSG0);
buf_prepend_uint32(buf,st->index);
transport_xmit(st,&st->peers,buf,False);
}
BUF_FREE(buf);
transport_xmit(st,&st->peers,buf,False);
}
BUF_FREE(buf);
case 0: /* NAK */
/* If the source is our current peer then initiate a key setup,
because our peer's forgotten the key */
case 0: /* NAK */
/* If the source is our current peer then initiate a key setup,
because our peer's forgotten the key */
initiate_key_setup(st,"received a NAK");
} else {
slog(st,LOG_SEC,"bad incoming NAK");
initiate_key_setup(st,"received a NAK");
} else {
slog(st,LOG_SEC,"bad incoming NAK");
slog(st,LOG_SEC,"invalid MSG5");
}
} else if (st->state==SITE_RUN) {
slog(st,LOG_SEC,"invalid MSG5");
}
} else if (st->state==SITE_RUN) {
- if (process_msg5(st,buf,source,st->current_transform)) {
+ if (process_msg5(st,buf,source,st->current.transform)) {
slog(st,LOG_DROP,"got MSG5, retransmitting MSG6");
transport_setup_msgok(st,source);
slog(st,LOG_DROP,"got MSG5, retransmitting MSG6");
transport_setup_msgok(st,source);
- create_msg6(st,st->current_transform,st->remote_session_id);
+ create_msg6(st,st->current.transform,
+ st->current.remote_session_id);
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
} else {
transport_xmit(st,&st->peers,&st->buffer,True);
BUF_FREE(&st->buffer);
} else {
register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
st->timeout=0;
register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
st->timeout=0;
transport_peers_clear(st,&st->peers);
transport_peers_clear(st,&st->setup_peers);
/* XXX mlock these */
transport_peers_clear(st,&st->peers);
transport_peers_clear(st,&st->setup_peers);
/* XXX mlock these */
for (i=0; i<st->ncomms; i++)
st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
for (i=0; i<st->ncomms; i++)
st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);