static void transport_data_msgok(struct site *st, const struct comm_addr *a);
static bool_t transport_compute_setupinit_peers(struct site *st,
const struct comm_addr *configured_addr /* 0 if none or not found */,
- const struct comm_addr *prod_hint_addr /* 0 if none */);
+ const struct comm_addr *incoming_packet_addr /* 0 if none */);
+static void transport_resolve_complete(struct site *st,
+ const struct comm_addr *a);
+static void transport_resolve_complete_tardy(struct site *st,
+ const struct comm_addr *ca_use);
static void transport_record_peer(struct site *st, transport_peers *peers,
const struct comm_addr *addr, const char *m);
append_string_xinfo_done(&st->buffer,&xia);
buf_append_string(&st->buffer,st->remotename);
- memcpy(buf_append(&st->buffer,NONCELEN),st->localN,NONCELEN);
+ BUF_ADD_OBJ(append,&st->buffer,st->localN);
if (type==LABEL_MSG1) return True;
- memcpy(buf_append(&st->buffer,NONCELEN),st->remoteN,NONCELEN);
+ BUF_ADD_OBJ(append,&st->buffer,st->remoteN);
if (type==LABEL_MSG2) return True;
if (hacky_par_mid_failnow()) return False;
* It's best to store it in st->peers now because we might
* go via SENTMSG5, WAIT, and a MSG0, straight into using
* the new key (without updating the data peer addrs). */
- transport_record_peer(st,&st->peers,ca_use,"resolved data");
- transport_record_peer(st,&st->setup_peers,ca_use,"resolved setup");
+ transport_resolve_complete(st,ca_use);
} else if (st->local_mobile) {
/* We can't let this rest because we may have a peer
* address which will break in the future. */
if (ca_use) {
slog(st,LOG_SETUP_INIT,"resolution of %s completed tardily,"
" updating peer address(es)",st->address);
- transport_record_peer(st,&st->peers,ca_use,"resolved tardily");
+ transport_resolve_complete_tardy(st,ca_use);
} else if (st->local_mobile) {
/* Not very good. We should queue (another) renegotiation
* so that we can update the peer address. */
st->setup_session_id=0;
transport_peers_clear(st,&st->setup_peers);
- memset(st->localN,0,NONCELEN);
- memset(st->remoteN,0,NONCELEN);
+ FILLZERO(st->localN);
+ FILLZERO(st->remoteN);
dispose_transform(&st->new_transform);
memset(st->dhsecret,0,st->dh->len);
memset(st->sharedsecret,0,st->sharedsecretlen);
if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
st->state==SITE_WAIT) {
/* We should definitely process it */
- transport_record_peer(st,&st->setup_peers,source,"msg1");
+ transport_compute_setupinit_peers(st,0,source);
if (process_msg1(st,buf,source,&named_msg)) {
slog(st,LOG_SETUP_INIT,"key setup initiated by peer");
bool_t entered=enter_new_state(st,SITE_SENTMSG2);
- if (entered && st->address)
+ if (entered && st->address && st->local_mobile)
/* We must do this as the very last thing, because
the resolver callback might reenter us. */
ensure_resolving(st);
because our peer's forgotten the key */
if (get_uint32(buf->start+4)==st->current.remote_session_id) {
bool_t initiated;
- initiated = initiate_key_setup(st,"received a NAK",0);
+ initiated = initiate_key_setup(st,"received a NAK",source);
if (!initiated) generate_send_prod(st,source);
} else {
slog(st,LOG_SEC,"bad incoming NAK");
st->transport_peers_max= !st->peer_mobile ? 1 : dict_read_number(
dict,"mobile-peers-max",False,"site",loc,DEFAULT_MOBILE_PEERS_MAX);
if (st->transport_peers_max<1 ||
- st->transport_peers_max>=MAX_MOBILE_PEERS_MAX) {
+ st->transport_peers_max>MAX_MOBILE_PEERS_MAX) {
cfgfatal(loc,"site","mobile-peers-max must be in range 1.."
STRING(MAX_MOBILE_PEERS_MAX) "\n");
}
static bool_t transport_compute_setupinit_peers(struct site *st,
const struct comm_addr *configured_addr /* 0 if none or not found */,
- const struct comm_addr *prod_hint_addr /* 0 if none */) {
+ const struct comm_addr *incoming_packet_addr /* 0 if none */) {
- if (!configured_addr && !prod_hint_addr &&
+ if (!configured_addr && !incoming_packet_addr &&
!transport_peers_valid(&st->peers))
return False;
slog(st,LOG_SETUP_INIT,
"using:%s%s %d old peer address(es)",
configured_addr ? " configured address;" : "",
- prod_hint_addr ? " PROD hint address;" : "",
+ incoming_packet_addr ? " incoming packet address;" : "",
st->peers.npeers);
/* Non-mobile peers have st->peers.npeers==0 or ==1, since they
transport_peers_copy(st,&st->setup_peers,&st->peers);
- if (prod_hint_addr)
- transport_record_peer(st,&st->setup_peers,prod_hint_addr,"prod");
+ if (incoming_packet_addr)
+ transport_record_peer(st,&st->setup_peers,incoming_packet_addr,
+ "incoming");
if (configured_addr)
transport_record_peer(st,&st->setup_peers,configured_addr,"setupinit");
static void transport_peers_copy(struct site *st, transport_peers *dst,
const transport_peers *src) {
dst->npeers=src->npeers;
- memcpy(dst->peers, src->peers, sizeof(*dst->peers) * dst->npeers);
+ COPY_ARRAY(dst->peers, src->peers, dst->npeers);
transport_peers_debug(st,dst,"copy",
src->npeers, &src->peers->addr, sizeof(*src->peers));
}
+static void transport_resolve_complete(struct site *st,
+ const struct comm_addr *ca_use) {
+ transport_record_peer(st,&st->peers,ca_use,"resolved data");
+ transport_record_peer(st,&st->setup_peers,ca_use,"resolved setup");
+}
+
+static void transport_resolve_complete_tardy(struct site *st,
+ const struct comm_addr *ca_use) {
+ transport_record_peer(st,&st->peers,ca_use,"resolved tardily");
+}
+
void transport_xmit(struct site *st, transport_peers *peers,
struct buffer_if *buf, bool_t candebug) {
int slot;