server/peer.c, server/tests.at: Handle NAT swapping over peer addresses.

[tripe] / server / peer.c

diff --git a/server/peer.c b/server/peer.c
index 02fceed..308ab1d 100644 (file)
--- a/server/peer.c
+++ b/server/peer.c
@@ -215,20 +215,21 @@ static int p_decrypt(peer **pp, addr *a, size_t n,
 
   /* --- See whether any mobile peer is interested --- */
 
-  FOREACH_PEER(pp, {
-    if (pp == q || !(pp->spec.f & PSF_MOBILE)) continue;
-    if ((err = ksl_decrypt(&pp->ks, ty, bin, bout)) == KSERR_DECRYPT) {
+  p = 0;
+  FOREACH_PEER(qq, {
+    if (qq == q || !(qq->spec.f & PSF_MOBILE)) continue;
+    if ((err = ksl_decrypt(&qq->ks, ty, bin, bout)) == KSERR_DECRYPT) {
       T( trace(T_PEER, "peer: peer `%s' failed to decrypt",
-              p_name(pp)); )
+              p_name(qq)); )
        continue;
     } else {
-      p = pp;
+      p = qq;
       IF_TRACING(T_PEER, {
        if (!err)
-         trace(T_PEER, "peer: peer `%s' reports success", p_name(pp));
+         trace(T_PEER, "peer: peer `%s' reports success", p_name(qq));
        else {
          trace(T_PEER, "peer: peer `%s' reports decryption error %d",
-               p_name(pp), err);
+               p_name(qq), err);
        }
       })
       break;
@@ -239,7 +240,13 @@ static int p_decrypt(peer **pp, addr *a, size_t n,
 
 searched:
   if (!p) {
-    a_warn("PEER", "-", "unexpected-source", "?ADDR", a, A_END);
+    if (!q)
+      a_warn("PEER", "-", "unexpected-source", "?ADDR", a, A_END);
+    else {
+      a_warn("PEER", "?PEER", p, "decrypt-failed",
+            "error-code", "%d", err, A_END);
+      p_rxupdstats(q, n);
+    }
     return (-1);
   }
 
@@ -252,6 +259,7 @@ searched:
    */
 
   if (!err) {
+    *pp = p;
     if (!q) {
       T( trace(T_PEER, "peer: updating address for `%s'", p_name(p)); )
       pa = am_find(&byaddr, a, sizeof(peer_byaddr), &f); assert(!f);